Security News > 2025 > February > SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN
2025-02-14 22:53
Roses are red, violets are blue, CVE-2024-53704 is perfect for a ransomware crew Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.…
News URL
Related news
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704) (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- SonicWall urges admins to patch exploitable SSLVPN bug immediately (source)
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day (source)
- PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack (source)
- 48,000+ internet-facing Fortinet firewalls still open to attack (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-09 | CVE-2024-53704 | Unspecified vulnerability in Sonicwall Sonicos An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | 9.8 |