Summary: Cybersecurity firm Arctic Wolf has reported that threat actors are actively exploiting a high-severity authentication bypass vulnerability (CVE-2024-53704) in SonicWall firewalls shortly after a proof-of-concept (PoC) was published. The vulnerability allows attackers to bypass multi-factor authentication and access sensitive information. SonicWall has released patches, but many systems remain unprotected, prompting urgent calls for organizations to update or disable SSLVPN services as a precaution.
Affected: SonicWall firewall systems
Keypoints :
- The vulnerability (CVE-2024-53704) is a high-severity authentication bypass in the SSLVPN authentication mechanism of SonicOS.
- Exploit attempts surged after technical details and a PoC were made public by Bishop Fox.
- Organizations are advised to promptly update their systems to mitigate the risk of exploitation, as around 4,500 internet-facing SonicWall SSL VPN servers remained unpatched by early February.
Source: https://www.securityweek.com/sonicwall-firewall-vulnerability-exploited-after-poc-publication/