Urgent Patch Needed for SonicWall Firewall Exploit Enabling VPN Hijacking

 

Bishop Fox cybersecurity researchers have discovered a critical security flaw affecting approximately 4,500 SonicWall firewalls that are exposed to the Internet. The flaw, CVE-2024-53704, is a high-severity authentication bypass vulnerability in SonicOS SSLVPN.

Threat actors could exploit this flaw to gain unauthorized access to your VPN sessions, compromising the privacy of your sensitive data and the security of your network. 

SonicWall has issued a patch to address this issue, but unpatched systems remain at immediate risk.

Given this discovery, organizations relying on SonicWall firewalls should update them immediately to mitigate the threat of cyberattacks leveraging this exploit and to limit the damage they would incur.

In a security bulletin dated January 7, 2025, released to alert customers, SonicWall warned of a high likelihood of exploitation of a recently identified authentication bypass vulnerability in its SonicOS SSLVPN application.

The company strongly recommended that administrators upgrade their SonicOS firewall firmware immediately to mitigate the risk of unauthorized access and potentially dangerous cyberattacks.

Content was cut in order to protect the source. Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
