SonicWall tells admins to patch worrying SSLVPN flaw immediately

LovabledanielsJanuary 9, 202562 Views

SonicWall is mailing IT admins, warning them about a high-severity vulnerability in its firewalls
The bug is “susceptible to actual exploitation” it said
A patch is available, as well as a few mitigation measures

SonicWall has recently addressed a high-severity vulnerability in its firewalls which is “susceptible to actual exploitation.” The company has since started notifying IT admins, urging them to apply the fix immediately and secure their endpoints.

Citing a few Reddit users who were contacted by SonicWall, BleepingComputer said the vulnerability is an authentication bypass in SSL VPN and SSH management, tracked as CVE-2024-53704.

It has a severity score of 8.2 (high) and impacts multiple generation six and generation seven firewalls, powered by SonicOS 6.5.4.15-117n and older and 7.0.1-5161 and older.

Three more flaws

“We have identified a high (CVE Score 8.2) firewall vulnerability that is susceptible to actual exploitation for customers with SSL VPN or SSH management enabled and that should be mitigated immediately by upgrading to the latest firmware, which will be web-posted tomorrow, Jan 7th, 2025,” SonicWall apparently said in the email.

“The same firmware upgrade contains mitigations for additional, less-critical vulnerabilities.”

For those running Gen 6 or 6.5 hardware firewalls, SonicOS 6.5.5.1-6n or newer is the firmware they should update to, while Gen 6 / 6.5 NSv firewalls need to look for SonicOS 6.5.4.v-21s-RC2457 or newer. Finally, TZ80 users need at least SonicOS 8.0.0-8037.

In the same patch, the company fixed three additional flaws (CVE-2024-40762, CVE-2024-53705, and CVE-2024-53706), which allow for authentication bypassing, remote code execution, and more.

Those that are unable to install the patch immediately should at least apply the mitigations SonicWall suggested in the security advisory, which include limiting access to trusted sources, or disabling SSLVPN access from the Internet.

To minimize the potential impact of an SSH vulnerability, SonicWall suggests restricting firewall management to trusted sources as well, and disabling firewall SSH management from the internet.

Via BleepingComputer

Weekly update

How much? A shocking number of people don’t know what Windows version they have – but this doesn’t mean they aren’t confident they could upgrade to Windows 11 right now

This PlayStation Portal accessory isn’t the newest bit of kit going, but it might just be the missing piece from my setup

Tesla is secretly testing new versions of its Model S Plaid and Model Y Performance – here’s what to expect

Weekly Newsletter

SonicWall tells admins to patch worrying SSLVPN flaw immediately

Leave a comment

Leave a Reply Cancel reply

Explore more

This PlayStation Portal accessory isn’t the newest bit of kit going, but it might just be the missing piece from my setup

Tesla is secretly testing new versions of its Model S Plaid and Model Y Performance – here’s what to expect

Hackers could use smartwatches to eavesdrop on air-gapped computers via ultrasonic signals

Chrisette Michele Announces “Severe” Autism Diagnosis

Hydrogen sourcing could make or break Romania’s green steel ambitions

My hope for Micro Four Thirds is waning – OM System’s latest travel camera is yet another disappointing upgrade

‘Yes, in my back yard’—most people who live near large-scale solar projects are happy to have more built nearby

Wimbledon 2025 is set to be the smartest Championships yet, and it might help me fall in love with tennis again

Get to Know Us

Let's keep in touch