REDLEGG BLOG

Emergency Security Bulletin - SonicOS SSLVPN Authentication Bypass Vulnerability

1/8/25 3:24 PM  |  by RedLegg Blog

About:

RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.

RedLegg will include a brief description of the vulnerability, whether or not an active exploit or POC exists, and a link to an update, if one exists. If no update exists, there will be remediation or mitigation suggestions to limit each vulnerability's risk.

 

VULNERABILITIES

SonicOS SSLVPN Authentication Bypass Vulnerability 

CVSS Score: 8.2 (High)
Identifier: CVE-2024-53704
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2024-53704 – SonicWall Software Security Advisory

Description: CVE-2024-53704 is a high-severity vulnerability in SonicWall SonicOS. An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication, potentially leading to unauthorized access to sensitive systems.

Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest version listed in the SonicWall Software Security Advisory. Immediate patching is recommended to prevent potential exploitation.
