Security News > 2024 > January > Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks
Security researchers have found over 178,000 SonicWall next-generation firewalls with the management interface exposed online are vulnerable to denial-of-service and potential remote code execution attacks.
"Using BinaryEdge source data, we scanned SonicWall firewalls with management interfaces exposed to the internet and found that 76% are vulnerable to one or both issues," said Jon Williams, a Senior Security Engineer at Bishop Fox.
More than 500,000 SonicWall firewalls are currently exposed online, with over 328,000 in the United States, according to data from threat monitoring platform Shadowserver.
Last March, SonicWall PSIRT and Mandiant revealed that suspected Chinese hackers installed custom malware on unpatched SonicWall Secure Mobile Access appliances for long-term persistence in cyber-espionage campaigns.
Juniper warns of critical RCE bug in its firewalls and switches.
Sophos backports RCE fix after attacks on unsupported firewalls.
News URL
Related news
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704) (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- 48,000+ internet-facing Fortinet firewalls still open to attack (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)