Security News > 2025 > February > SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN
2025-02-14 22:53
Roses are red, violets are blue, CVE-2024-53704 is perfect for a ransomware crew Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.…
News URL
Related news
- SonicWall urges admins to patch VPN flaw exploited in attacks (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- SonicWall SMA VPN devices targeted in attacks since January (source)
- SonicWall warns of more VPN flaws exploited in attacks (source)
- Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (source)
- Old Fortinet flaws under attack with new method its patch didn't prevent (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-09 | CVE-2024-53704 | Unspecified vulnerability in Sonicwall Sonicos An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | 9.8 |