Cyber Security

SonicWall Firewalls Targeted by Exploited Vulnerability: Over 4,500 Devices at Risk

Cybersecurity experts confirm that a critical vulnerability in SonicWall firewalls (CVE-2024-53704) is actively being exploited, granting attackers unauthorized access to networks.

bastamabastama
Feb 27, 2025 - 13:52
Mar 1, 2025 - 01:09
 0  14
SonicWall Firewalls Targeted by Exploited Vulnerability: Over 4,500 Devices at Risk
Cloud Sunucu
Cloud Sunucu

Cybersecurity experts have confirmed that a critical security vulnerability (CVE-2024-53704) in SonicWall firewalls is being actively exploited by threat actors. This vulnerability affects the SSLVPN authentication mechanism, allowing attackers to bypass authentication requirements and gain unauthorized access to targeted networks.

The attacks accelerated after the release of a Proof-of-Concept (PoC) exploit code.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has classified this vulnerability as critical. It impacts SonicOS versions 7.1.x (up to version 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035, which are commonly used in Gen 6 and Gen 7 firewalls, as well as SOHO series devices.

SonicWall issued security updates on January 7 to address the flaw and urged customers to update their systems immediately. For those unable to update, the company recommended restricting device access to trusted sources only and cutting off internet access entirely.

However, the publication of PoC exploit code by Bishop Fox security researchers on February 10 has shown attackers how to exploit the vulnerability. Following this release, Arctic Wolf, a cybersecurity firm, reported a sharp increase in attack attempts.

Over 4,500 Devices Vulnerable
Internet scans conducted by Bishop Fox researchers on February 7 revealed that more than 4,500 SonicWall SSL VPN servers remain unprotected against the vulnerability. The company warned that these devices are easy targets for attackers and urged administrators to apply security patches as soon as possible.

Previously, ransomware groups Akira and Fog were known to have targeted SonicWall firewalls. According to a report published by Arctic Wolf in October, at least 30 cyberattacks were traced back to compromised SonicWall VPN accounts.

Experts emphasize that SonicWall users must immediately update their devices to close the security hole. If updates are not possible, disabling the SSLVPN service is recommended.

Tags:

What's Your Reaction?

Like Like 0
Dislike Dislike 0
Love Love 0
Funny Funny 0
Angry Angry 0
Sad Sad 0
Wow Wow 0
bastama
bastama
Sınırsız Hosting
Sınırsız Hosting

Related Posts

NVISO Labs: 'Hackers Use Microsoft Teams and Spam Emails to Launch Social Engineering Attacks'

NVISO Labs: 'Hackers Use Microsoft Teams and Spam Email...

bastama Feb 27, 2025  0  10

Health Net Federal Services and Centene to Pay $11.2 Million Over Cybersecurity Violations

Health Net Federal Services and Centene to Pay $11.2 Mi...

bastama Feb 27, 2025  0  2

Italian Government: 'Paragon Spyware Targeted Citizens Across Europe'

Italian Government: 'Paragon Spyware Targeted Citizens ...

bastama Feb 27, 2025  0  2

Osman Doğan: "Critical Infrastructures Face Rising Threats from APT Attacks"

Osman Doğan: "Critical Infrastructures Face Rising Thre...

bastama Feb 27, 2025  0  3

Two new malware that threatened Mac users emerged

Two new malware that threatened Mac users emerged

bastama Mar 10, 2025  0  12

Critical Vulnerability Found in AnyDesk: Attackers Can Gain Admin Privileges

Critical Vulnerability Found in AnyDesk: Attackers Can ...

bastama Feb 27, 2025  0  7