Tech

SonicWall VPN flaw could allow hackers to hijack your sessions, so patch now

Share
Share


  • Bishop Fox found a way to abuse a SonicWall VPN flaw
  • It allows threat actors to bypass authentication and hijack sessions
  • There are thousands of vulnerable endpoints

A major vulnerability in the SonicWall VPN which can be exploited to hijack sessions and access the target network has now seen its first proof-of-concept (PoC) attack, meaning it’s only a matter of time before cybercriminals start exploiting it in the wild.

In early January 2025, SonicWall raised the alarm on a vulnerability in SonicOS and urged its users to apply the fix immediately. The flaw is tracked as CVE-2024-53704, and described as an Improper Authentication bug in the SSLVPN authentication mechanism. It was given a severity score of 9.8/10 (critical) and was said it could be abused to allow a remote attacker to bypass authentication.

Share

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles
HR departments could soon be set for a major shake-up as AI takes hold
Tech

HR departments could soon be set for a major shake-up as AI takes hold

Agentic AI adoption will rise by 327% by 2027, boosting productivity by...

ChatGPT is getting smarter, but its hallucinations are spiraling
Tech

ChatGPT is getting smarter, but its hallucinations are spiraling

OpenAI’s latest AI models, GPT o3 and o4-mini, hallucinate significantly more often...

You can now edit images in Gemini directly
Tech

You can now edit images in Gemini directly

Google’s Gemini can now edit both AI-generated and personal images using text...