Multiple Sonicwall VPN Vulnerabilities Let Attackers Bypass Authentication
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
A new security advisory has been released regarding several vulnerabilities in SonicWall’s SonicOS software, which could enable attackers to bypass authentication mechanisms.
These vulnerabilities affect a variety of SonicWall hardware products, potentially compromising network security.
Vulnerability Summary
The advisory highlights four significant vulnerabilities within the SonicOS framework:
Affected Products
These vulnerabilities affect various models of SonicWall hardware firewalls and the Gen7 Cloud platform. The table below summarizes the relevant CVEs and affected versions:
CVE ID Affected Products Fixed Version CVE-2024-40762Gen6 and Gen7 Firewall series7.0.1-5165 and higherCVE-2024-53704Gen6 and Gen7 Firewall series7.1.3-7015 and higherCVE-2024-53705Gen6 and Gen7 Firewalls7.0.1-5165 and higherCVE-2024-53706Gen7 Cloud NSv (AWS and Azure editions only)7.1.3-7015 and higher
SonicWall has not found any evidence of these vulnerabilities being exploited in the wild. However, they strongly urge users to upgrade their SonicWall Firewall products to the latest patched versions available on the SonicWall website.
Additionally, users should limit access to SSLVPN and SSH management to trusted sources or disable these features if not in use. For further information on securing your systems, users can refer to SonicWall’s technical support.
#Cyber_Security_News #Vulnerabilities #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Multiple Sonicwall VPN Vulnerabilities Let Attackers Bypass Authentication
Author: DhivyaA new security advisory has been released regarding several vulnerabilities in SonicWall’s SonicOS software, which could enable attackers to bypass authentication mechanisms.
These vulnerabilities affect a variety of SonicWall hardware products, potentially compromising network security.
Vulnerability Summary
The advisory highlights four significant vulnerabilities within the SonicOS framework:
- CVE-2024-40762 concerns the use of a cryptographically weak pseudo-random number generator (PRNG) within the SSLVPN authentication token generator. This weakness can be exploited by attackers, allowing them to predict authentication tokens in certain scenarios, leading to a potential authentication bypass. The CVSS score for this vulnerability is categorized at 7.1, classified under CWE-338.
- CVE-2024-53704 represents an improper authentication vulnerability within the SSLVPN mechanism. This flaw allows remote attackers to bypass authentication processes, posing a serious threat to network integrity. It has a CVSS score of 8.2 and falls under CWE-287.
- CVE-2024-53705 relates to a server-side request forgery (SSRF) vulnerability found in the SSH management interface of SonicOS. This vulnerability permits remote attackers to establish TCP connections to arbitrary IP addresses on any port while a user is logged into the firewall. It is rated with a CVSS score of 6.5 and classified under CWE-918.
- CVE-2024-53706 highlights a local privilege escalation vulnerability specifically in the Gen7 SonicOS Cloud platform, affecting AWS and Azure editions. This vulnerability allows low-privileged, authenticated users to escalate their privileges to root, potentially leading to unauthorized code execution. Its CVSS score is 7.8 and is categorized under CWE-269.
Affected Products
These vulnerabilities affect various models of SonicWall hardware firewalls and the Gen7 Cloud platform. The table below summarizes the relevant CVEs and affected versions:
CVE ID Affected Products Fixed Version CVE-2024-40762Gen6 and Gen7 Firewall series7.0.1-5165 and higherCVE-2024-53704Gen6 and Gen7 Firewall series7.1.3-7015 and higherCVE-2024-53705Gen6 and Gen7 Firewalls7.0.1-5165 and higherCVE-2024-53706Gen7 Cloud NSv (AWS and Azure editions only)7.1.3-7015 and higher
SonicWall has not found any evidence of these vulnerabilities being exploited in the wild. However, they strongly urge users to upgrade their SonicWall Firewall products to the latest patched versions available on the SonicWall website.
Additionally, users should limit access to SSLVPN and SSH management to trusted sources or disable these features if not in use. For further information on securing your systems, users can refer to SonicWall’s technical support.
#Cyber_Security_News #Vulnerabilities #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
