Security News > 2025 > January > 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
2025-01-27 15:05
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last week from Bishop Fox researchers, after they successfully exploited the vulnerability on unpatched SonicWall firewalls and announced they will be releasing details of their exploit code on February 10. “Although significant reverse-engineering effort was required to find and exploit the vulnerability, the exploit itself is rather … More → The post 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704) appeared first on Help Net Security.
News URL
Related news
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) (source)
- SonicWall SMA VPN devices targeted in attacks since January (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- SonicWall warns of more VPN flaws exploited in attacks (source)
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) (source)
- SonicWall urges admins to patch VPN flaw exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-09 | CVE-2024-53704 | Unspecified vulnerability in Sonicwall Sonicos An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | 9.8 |