SonicWall firewalls hit by worrying cyberattack

Security researchers are warning of a SonicWall flaw being actively exploited
The bug was discovered in early January 2025, and subsequently fixed
However not all users have applied the patch yet

Cybercriminals are actively abusing a vulnerability in SonicWall firewalls to gain access to target endpoints, tamper with the VPN, and more, cybersecurity researchers Arctic Wolf have revealed.

The vulnerability in question is an Improper Authentication bug in the SSLVPN authentication mechanism. It was discovered in early January 2025 and was given a severity score of 9.8/10 – critical. It is tracked as CVE-2024-53704 and impacts SonicOS versions 7.1.x (up to 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035. SonicWall released versions SonicOS 8.0.0-8037 and later, 7.0.1-5165 and higher, 7.1.3-7015 and higher, and 6.5.5.1-6n and higher, to address the bug.

Soon after SonicWall released a fix, security outlet Bishop Fox came forward with a Proof-of-Concept (PoC) exploit to warn the security community, and SonicWall users, about potential attack avenues. Consequently, it also gave cybercriminals ideas on how to exploit the flaw and expectedly, it has happened.

Exploitation attempts

“Shortly after the proof-of-concept was made public, Arctic Wolf began observing exploitation attempts of this vulnerability in the threat landscape,” the company said in its security advisory.

The researchers explained that in the exploit, the target endpoint incorrectly validates a malicious session attempt. As a result, the target is logged out, while the attacker gets access to the session, including the ability to read the victim’s Virtual Office bookmarks, access VPN client configuration settings, open a VPN tunnel, and more.

“With that, we were able to identify the username and domain of the hijacked session, along with private routes the user was able to access through the SSL VPN,” the researchers said.

Even though a patch is available for more than a month now, there are still thousands of vulnerable endpoints out there.

Via The Register

https://cdn.mos.cms.futurecdn.net/ji5q5LEbkXwmbhvpgHgPqK-1200-80.jpg

Source link

Netflix has 3 of my favorite crime movies of all time to stream right now, for both fun and dramatic moods

Hermès is launching a pair of wireless headphones, and yes, they’ll cost as much as a car

Criminals are using AI to create fake documents to trick businesses

How emerging ransomware trends can help inform payment decisions

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

Which Celebrity Styles Americans Copy Most in 2025: New Study

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

FTC backs DOJ proposal in Google search antitrust case

Global markets rejoice after Trump’s sweeping tariff rollout gets blocked by a U.S. court

HP stock price target cut to $28 at TD Cowen

Gen Z is ‘very comfortable’ with using mental-health services. Older generations? Not so much

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

SonicWall firewalls hit by worrying cyberattack

Netflix has 3 of my favorite crime movies of all time to stream right now, for both fun and dramatic moods

FTC backs DOJ proposal in Google search antitrust case

Hermès is launching a pair of wireless headphones, and yes, they’ll cost as much as a car

Global markets rejoice after Trump’s sweeping tariff rollout gets blocked by a U.S. court