DIVD-2025-00002 - Authentication bypass in SonicWall SSL-VPN service
Our reference | DIVD-2025-00002 |
Case lead | Alwin Warringa |
Researcher(s) | |
CVE(s) | |
Products | |
Versions | |
Recommendation | Apply the patch as soon as possible for impacted products |
Patch status | Patch available |
Workaround | To mitigate the risk posed by these vulnerabilities, users should ensure that access to the SSL-VPN firewalls is limited to trusted sources, or disable SSL-VPN access from the internet entirely |
Status | Open |
Last modified | 10 Jan 2025 11:38 CET |
Summary
On 7 January 2025, SonicWall released patches for multiple vulnerabilities in Gen6 and Gen7 firewalls. The patched vulnerabilities include two in the SSL-VPN functionality that made it possible to take over established SSL-VPN sessions and thereby gain access to the internal network (CVE-2024-53704 and CVE-2024-40762). SonicWall has not yet observed these vulnerabilities being exploited in the wild, but describes them as being at imminent risk of exploitation.
Recommendations
To remediate CVE-2024-53704, apply the patch as soon as possible for impacted products. The latest patch builds are available for download on mysonicwall.com.
What we are doing
DIVD is currently working to identify parties that are running a vulnerable version of the SonicWall SSL-VPN service and to notify these parties.
Timeline
Date | Description |
---|---|
09 Jan 2025 | DIVD starts researching the vulnerability. |
09 Jan 2025 | DIVD finds fingerprint, preparing to scan. |
09 Jan 2025 | Case opened and starting first scan. |
10 Jan 2025 | DIVD starts notifying network owners with vulnerable devices in their network. |