Summary: Attackers are exploiting a critical authentication bypass vulnerability (CVE-2024-53704) in SonicWall firewalls, enabling unauthorized access to networks via active SSL VPN sessions. SonicWall has urged clients to urgently upgrade their SonicOS firmware to mitigate risks and provided interim measures for those unable to patch immediately. Recent detections of exploitation attempts have confirmed the effectiveness of the proof-of-concept (PoC) exploit released shortly after security patches were made available.
Affected: SonicWall firewalls (SonicOS versions 7.1.x and 8.0.0)
Keypoints :
- Critical vulnerability allows remote attackers to hijack SSL VPN sessions without authentication.
- Over 4,500 unpatched SonicWall servers exposed online were identified; immediate firmware updates are strongly recommended.
- Cybersecurity firm Arctic Wolf detected exploitation attempts shortly after PoC release, indicating high risk for users.