SonicWall Urges Immediate Firmware Upgrade to Patch Critical Firewall Vulnerabilities
SonicWall has issued an urgent advisory to its customers, emphasizing the need to upgrade their SonicOS firmware to address a critical authentication bypass vulnerability (CVE-2024-53704) affecting SSL VPN and SSH management interfaces. This flaw is rated 8.2 (high severity) on the CVSS scale and is actively exploitable, posing significant security risks.
Details of the Flaw
CVE-2024-53704 impacts both Generation 6 and Generation 7 SonicWall firewalls, specifically the following firmware versions:
- Gen 6/6.5 hardware firewalls: Versions 6.5.4.15-117n and older.
- Gen 7 firewalls: Versions 7.0.1-5161 and older.
This vulnerability allows attackers to bypass authentication on devices with SSL VPN or SSH management enabled.
Additional Vulnerabilities
SonicWall’s bulletin highlights three more vulnerabilities of medium to high severity:
CVE-2024-40762:
- Type: Weak cryptographic pseudo-random number generator (PRNG).
- Impact: Attackers can potentially predict authentication tokens, enabling unauthorized access.
CVE-2024-53705:
- Type: Server-Side Request Forgery (SSRF).
- Impact: A logged-in attacker can establish TCP connections to arbitrary IPs and ports via the SSH management interface.
CVE-2024-53706:
- Type: Privilege escalation.
- Impact: On Gen7 Cloud NSv firewalls for AWS and Azure, low-privileged authenticated attackers can escalate to root and execute arbitrary code.
Recommended Firmware Updates
To protect against these vulnerabilities, SonicWall advises upgrading to the following versions:
| Firewall Type | Required Firmware Version |
|---|---|
| Gen 6/6.5 Hardware Firewalls | SonicOS 6.5.5.1-6n or newer |
| Gen 6/6.5 NSv Firewalls | SonicOS 6.5.4.v-21s-RC2457 or newer |
| Gen 7 Firewalls | SonicOS 7.0.1-5165, 7.1.3-7015, or newer |
| TZ80 | SonicOS 8.0.0-8037 or newer |
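To turn the fixed-version list above into a fleet check, the following added example (not SonicWall's code or part of the original article) compares each firewall's SonicOS version string with the fixed build for its release train. The family labels, hostnames and the per-train comparison rule are assumptions made for the example.

```python
import re

# Minimum fixed SonicOS builds, copied from the list above. The family keys are
# hypothetical labels. Gen 6/6.5 NSv is left out because its version string
# (6.5.4.v-21s-RC2457) uses a different format.
FIXED = {
    "gen6": ["6.5.5.1-6n"],
    "gen7": ["7.0.1-5165", "7.1.3-7015"],
    "tz80": ["8.0.0-8037"],
}

def parse(version):
    """'7.0.1-5161' -> ((7, 0, 1), 5161); a trailing letter such as 'n' is ignored."""
    m = re.fullmatch(r"(\d+(?:\.\d+)+)-(\d+)[A-Za-z]?", version.strip())
    if not m:
        raise ValueError(f"unrecognised SonicOS version: {version!r}")
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2))

def needs_upgrade(family, version):
    """True when `version` is below the fixed build for its release train.

    Assumption: a build is compared with the fixed build on the same
    major.minor train (7.0.x against 7.0.1-5165, 7.1.x against 7.1.3-7015).
    With no fix on its train, a build counts as patched only if its train
    is newer than every listed fix.
    """
    release, build = parse(version)
    fixes = sorted(parse(v) for v in FIXED[family])
    same_train = [f for f in fixes if f[0][:2] == release[:2]]
    if same_train:
        return (release, build) < same_train[0]
    return release[:2] < fixes[-1][0][:2]

def audit(inventory):
    """Return the names of devices that still run a build below the fix."""
    return [name for name, family, version in inventory
            if needs_upgrade(family, version)]

# Constructed inventory: hostnames are made up for the example.
INVENTORY = [
    ("fw-branch-01", "gen6", "6.5.4.15-117n"),
    ("fw-branch-02", "gen6", "6.5.5.1-6n"),
    ("fw-hq-01", "gen7", "7.0.1-5161"),
    ("fw-hq-02", "gen7", "7.1.3-7015"),
    ("fw-lab-01", "tz80", "8.0.0-8037"),
]

if __name__ == "__main__":
    print(audit(INVENTORY))
```

A version string that does not match the expected pattern raises `ValueError` rather than being treated as patched, so unparseable inventory entries surface for manual review.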
Mitigation Measures
While applying firmware updates is the most effective defense, SonicWall recommends these mitigations:
For SSL VPN vulnerabilities:
- Limit access to trusted IP sources.
- Disable internet-facing SSL VPN access if unnecessary.
For SSH vulnerabilities:
- Restrict firewall SSH management to trusted sources.
- Disable SSH access from the internet entirely if not required.
Source: bleepingcomputer.com