A high-severity authentication bypass flaw, CVE-2024-53704, exists in SonicWall firewalls, compromising SSL VPN authentication. Exploitation enables remote attackers to hijack existing VPN sessions, thereby gaining unauthorized access to networks. Although SonicWall released its advisory and patch in January, some users remain unpatched, prompting increased exploitation attempts. Researchers call the flaw trivial to exploit, highlighting the need for immediate updates or the disabling of SSL VPN features for users unable to patch. Monitoring firms are actively tracking the attempts to exploit this vulnerability in the wild.
Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.
The vulnerability, tracked as CVE-2024-53704, allows remote attackers to hijack active SSL VPN sessions on vulnerable SonicOS equipment, granting unauthorized network access.
Bishop Fox researchers noted that the flaw was trivial to exploit, emphasizing the urgency for users to patch their SonicWall devices.
SonicWall echoed the call for immediate customer action, urging upgrades or disabling the SSL VPN mechanism if updates aren't possible.
Collection
[
|
...
]