- SonicWall sends emails to IT administrators warning them about a high severity vulnerability in their firewalls.
- The bug is “susceptible to real exploitation,” the company said.
- There is a patch available, as well as some mitigation measures.
SonicWall has recently addressed a high severity vulnerability in its firewalls that is “susceptible to actual exploitation.” The company has since started notifying IT administrators, urging them to apply the fix immediately and protect their endpoints.
Citing some Reddit users who were contacted by SonicWall, BleepingComputer said the vulnerability is an authentication bypass in SSL VPN and SSH management, tracked as CVE-2024-53704.
It has a severity score of 8.2 (high) and affects multiple 6th- and 7th-generation firewalls running SonicOS 6.5.4.15-117n and earlier and 7.0.1-5161 and earlier.
Three more defects
“We have identified a high firewall vulnerability (CVE Score 8.2) that is susceptible to actual exploitation for customers with SSL VPN or SSH management enabled and that should be mitigated immediately by updating to the latest firmware, which will be posted to the web tomorrow, January 7, 2025,” SonicWall apparently said in the email.
“The same firmware update contains mitigations for additional less critical vulnerabilities.”
Those running Gen 6 or 6.5 hardware firewalls should update to SonicOS 6.5.5.1-6n or later, while Gen 6/6.5 NSv firewalls should look for SonicOS 6.5.4.v-21s-RC2457 or later. Finally, TZ80 users need at least SonicOS 8.0.0-8037.
In the same patch, the company fixed three additional flaws (CVE-2024-40762, CVE-2024-53705, and CVE-2024-53706), which allow authentication bypass, remote code execution, and more.
Those who can’t install the patch immediately should at least apply the mitigations that SonicWall suggests in the security advisory, which include limiting access to trusted sources or disabling SSL VPN access from the Internet.
To minimize the potential impact of the SSH vulnerability, SonicWall also suggests restricting firewall administration to trusted sources and disabling SSH administration of the firewall from the Internet.
Via BleepingComputer