Security News > 2025 > February > SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
2025-02-11 15:56
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. [...]
News URL
Related news
- SonicWall urges admins to patch VPN flaw exploited in attacks (source)
- Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics (source)
- ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- SonicWall SMA VPN devices targeted in attacks since January (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- SonicWall warns of more VPN flaws exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-09 | CVE-2024-53704 | Unspecified vulnerability in Sonicwall Sonicos An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | 9.8 |