- Security researchers warn that a SonicWall flaw is being actively exploited
- The bug was discovered in early January 2025 and was subsequently fixed
- However, not all users have applied the patch yet
Cybercriminals are actively abusing a vulnerability in SonicWall firewalls to gain access to target endpoints, tamper with the VPN and more, cybersecurity researchers at Arctic Wolf have revealed.
The vulnerability in question is an improper authentication flaw in the SSLVPN authentication mechanism. It was discovered in early January 2025 and was given a severity score of 9.8/10 (critical). It is tracked as CVE-2024-53704 and impacts SonicOS versions 7.1.x (up to 7.1-7058), 7.1.2-7019 and 8.0.0-8035. SonicWall released SonicOS versions 8.0.0-8037 and later, 7.0.1-5165 and higher, 7.1.3-7015 and higher, and 6.5.5-6n and higher, to address the flaw.
Shortly after SonicWall released a fix, security firm Bishop Fox published a proof-of-concept (PoC) exploit to warn the security community and SonicWall users about possible avenues of attack. In doing so, it also gave cybercriminals ideas about how to exploit the flaw and, sure enough, that has happened.
Exploitation attempts
“Shortly after the proof of concept was made public, Arctic Wolf began to observe attempts to exploit this vulnerability in the threat landscape,” the company said in its security advisory.
The researchers explained that in the exploit, the endpoint incorrectly validates a malicious session attempt. As a result, the target is logged out, while the attacker gains access to the session, including the ability to read the victim’s Virtual Office bookmarks, access the VPN client configuration, open a VPN tunnel and more.
“With that, we were able to identify the username and the domain of the hijacked session, along with the private routes that the user could access through the SSL VPN,” the researchers said.
Although a patch has been available for more than a month, there are still thousands of vulnerable endpoints out there.
Via The Register