Sonicwall

SonicWall urges admins to patch exploitable SSLVPN bug immediately

Share:

SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.”

In an email sent to SonicWall customers and shared on Reddit, the firewall vendor says the patches are available as of yesterday, and all impacted customers should install them immediately to prevent exploitation.

“We have identified a high (CVE Score 8.2) firewall vulnerability that is susceptible to actual exploitation for customers with SSL VPN or SSH management enabled and that should be mitigated immediately by upgrading to the latest firmware, which will be web-posted tomorrow, Jan 7th, 2025,” warns a SonicWall email sent to customers.

“The same firmware upgrade contains mitigations for additional, less-critical vulnerabilities.”

A SonicWall security bulletin tracks this flaw as CVE-2024-53704 (CVSS v3.0 score: 8.2, “high”), stating it impacts multiple generation six and generation seven firewalls, running 6.5.4.15-117n and older and 7.0.1-5161 and older versions.

Impacted users are recommended to upgrade to the following versions to address the security risk:

  • Gen 6 / 6.5 hardware firewalls: SonicOS 6.5.5.1-6n or newer
  • Gen 6 / 6.5 NSv firewalls: SonicOS 6.5.4.v-21s-RC2457 or newer
  • Gen 7 firewalls: SonicOS 7.0.1-5165 or newer; 7.1.3-7015 and higher
  • TZ80: SonicOS 8.0.0-8037 or newer

The same bulletin lists three more medium to high-severity issues summarized as follows:

CVE-2024-40762 – A cryptographically weak pseudo-random number generator (PRNG) is used in the SSL VPN authentication token generator, potentially allowing an attacker to predict tokens and bypass authentication in certain cases.

CVE-2024-53705 – A server-side request forgery (SSRF) vulnerability in the SonicOS SSH management interface enables a remote attacker to establish TCP connections to arbitrary IP addresses and ports, provided the attacker is logged into the firewall.

CVE-2024-53706 – A flaw in the Gen7 SonicOS Cloud NSv (specific to AWS and Azure editions) allows a low-privileged, authenticated attacker to escalate privileges to root, potentially enabling code execution.

SonicWall also lists some mitigations for the SSLVPN vulnerabilities, including limiting access to trusted sources and restricting access from the internet entirely if not needed.

To mitigate SSH flaws, administrators are recommended to restrict firewall SSH management access and consider disabling access from the internet.

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
10:34 am, Jul 11, 2025
weather icon 27°C
L: 25° | H: 28°
few clouds
Humidity: 50 %
Pressure: 1021 mb
Wind: 1 mph WNW
Wind Gust: 1 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 13%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 4:56 am
Sunset: 9:15 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
25° | 28°°C 0 mm 0% 8 mph 47 % 1021 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
18° | 30°°C 0 mm 0% 9 mph 65 % 1018 mb 0 mm/h
Sun Jul 13 10:00 pm
weather icon
17° | 27°°C 0 mm 0% 7 mph 73 % 1014 mb 0 mm/h
Mon Jul 14 10:00 pm
weather icon
20° | 29°°C 0 mm 0% 14 mph 71 % 1017 mb 0 mm/h
Tue Jul 15 10:00 pm
weather icon
15° | 27°°C 0 mm 0% 13 mph 71 % 1021 mb 0 mm/h
Today 1:00 pm
weather icon
28° | 29°°C 0 mm 0% 3 mph 44 % 1021 mb 0 mm/h
Today 4:00 pm
weather icon
30° | 31°°C 0 mm 0% 5 mph 32 % 1019 mb 0 mm/h
Today 7:00 pm
weather icon
28° | 28°°C 0 mm 0% 5 mph 28 % 1017 mb 0 mm/h
Today 10:00 pm
weather icon
22° | 22°°C 0 mm 0% 8 mph 47 % 1019 mb 0 mm/h
Tomorrow 1:00 am
weather icon
18° | 18°°C 0 mm 0% 4 mph 55 % 1018 mb 0 mm/h
Tomorrow 4:00 am
weather icon
19° | 19°°C 0 mm 0% 4 mph 65 % 1018 mb 0 mm/h
Tomorrow 7:00 am
weather icon
19° | 19°°C 0 mm 0% 6 mph 64 % 1018 mb 0 mm/h
Tomorrow 10:00 am
weather icon
24° | 24°°C 0 mm 0% 6 mph 45 % 1017 mb 0 mm/h
Name Price24H (%)
Bitcoin(BTC)
€100,986.92
6.31%
Ethereum(ETH)
€2,578.51
8.43%
Tether(USDT)
€0.85
0.01%
XRP(XRP)
€2.22
5.78%
Solana(SOL)
€140.33
3.66%
USDC(USDC)
€0.85
0.01%
Dogecoin(DOGE)
€0.168897
8.48%
Shiba Inu(SHIB)
€0.000011
5.95%
Pepe(PEPE)
€0.000011
14.87%
Peanut the Squirrel(PNUT)
€0.246894
20.17%
Scroll to Top