About:
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.
RedLegg will include a brief description of the vulnerability, whether or not an active exploit or POC exists, and a link to an update, if one exists. If no update exists, there will be remediation or mitigation suggestions to limit each vulnerability's risk.
VULNERABILITIES
SonicOS SSLVPN Authentication Bypass Vulnerability
CVSS Score: 8.2 (High)
Description: CVE-2024-53704 is a high-severity vulnerability in SonicWall SonicOS. An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication, potentially leading to unauthorized access to sensitive systems.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest version listed in the SonicWall Software Security Advisory. Immediate patching is recommended to prevent potential exploitation.