Follow Us on WhatsApp | Telegram | Google News

Sonicwall Patch Authentication Bypass Flaw in SonicOS SSL VPN

Table of Contents

Sonicwall SonicOS SSL VPN

After Fortinet and Ivanti now Sonicwall has released the security update for its SonicOS SSL VPN. 

A recently disclosed vulnerability in Sonicwall's SonicOS software could allow attackers to bypass authentication on the SSL VPN feature, granting them unauthorized access to private corporate networks. Sonicwall has released a firmware update to address the issue, which carries a severity score of 8.6 out of 10 on the CVSS scale.

The vulnerability, tracked as CVE-2024-22394, specifically applies to improper authentication in the SonicOS SSL VPN implementation under certain conditions, according to Sonicwall.

While details on potential attack vectors are not provided, the high severity score indicates that successful exploitation could lead to significant data breaches and network infiltration scenarios.

SonicOS powers a range of next-generation firewall appliances from Sonicwall, including the TZ, NSA, NSSP, NSv, and NSsp series. 

This issue affects only the Gen7 SonicWall firewall running OS/firmware version SonicOS 7.1.1-7040, leaving many enterprises and organizations potentially exposed if the latest firmware has not been maintained.

Sonicwall lists the following models as potentially vulnerable: TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSv 270, NSv 470 and finally NSv 870. 

Sonicwall noted that it "is not aware of active exploitation in the wild." "No reports of a PoC have been made public, and malicious use of this vulnerability has not been reported to SonicWall."

Rapid Response by Vendor

Sonicwall appears to have responded rapidly to investigator reports on the vulnerability. Build 7.1.1-7047 was released just two days after initial disclosure, demonstrating the company’s commitment to customer security and product integrity.

Enabling automatic updates and maintaining device firmware is considered security best practice for enterprise network hardware and critical infrastructure. However, executing timely patches across large device fleets remains an operational challenge for most IT teams.

Read Also
Post a Comment