Security News > 2025 > February > SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN
2025-02-14 22:53
Roses are red, violets are blue, CVE-2024-53704 is perfect for a ransomware crew Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.…
News URL
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- How SSL Misconfigurations Impact Your Attack Surface (source)
- Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (source)
- Old Fortinet flaws under attack with new method its patch didn't prevent (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-09 | CVE-2024-53704 | Unspecified vulnerability in Sonicwall Sonicos An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | 9.8 |