The Download
SonicWall has identified a critical authentication bypass vulnerability, designated as CVE-2024-53704, affecting its firewall devices' SSL VPN and SSH management interfaces. This flaw, with a CVSS score of 8.2, allows remote attackers to bypass authentication mechanisms, potentially granting unauthorized access to network resources. Exploiting this vulnerability could enable attackers to infiltrate corporate networks, exfiltrate sensitive data, or deploy malware, thereby compromising the organization's security posture.
What You Can Do
To mitigate this risk, IT administrators should promptly upgrade their SonicWall devices to the latest firmware versions provided by the vendor. Specifically, Gen 6/6.5 hardware firewalls should be updated to SonicOS 6.5.5.1-6n or newer, Gen 6/6.5 NSv firewalls to SonicOS 6.5.4.v-21s-RC2457 or newer, and Gen 7 firewalls to SonicOS 7.0.1-5161 or newer. Additionally, it's advisable to restrict SSL VPN and SSH management access to trusted IP addresses and disable these services from internet exposure if not required. Implementing multi-factor authentication (MFA) for all remote access further enhances security by adding an extra layer of verification, thereby reducing the likelihood of unauthorized access.
Continuously scan all your attack surfaces with ThreatMate to find and fix vulnerabilities before your adversaries exploit them.
To Learn More: