SonicWall has issued an urgent security advisory covering its firewalls' SSL VPN and SSH management functions. The most serious issue, tracked as CVE-2024-53704 with a CVSS score of 8.2, is a high-severity authentication bypass in the SSL VPN authentication mechanism that lets a remote, unauthenticated attacker get past VPN login; it requires immediate attention from administrators.
Key Vulnerabilities:
– Authentication bypass in the SSL VPN authentication mechanism (CVE-2024-53704, CVSS 8.2, the primary flaw)
– Cryptographically weak pseudo-random number generator used in SSL VPN authentication (CVE-2024-40762)
– Server-side request forgery in SSH management (CVE-2024-53705)
– Privilege escalation in the Gen7 SonicOS Cloud platform NSv (CVE-2024-53706)
Affected Systems:
– Generation 6 and Generation 7 firewalls
– Gen 6: SonicOS 6.5.4.15-117n and older
– Gen 7: SonicOS 7.0.1-5161 and older
– The fix list below also covers Gen 6 NSv and TZ80; treat any build older than the fixed version for your platform as affected and confirm against SonicWall's advisory
Required Updates:
– Gen 6/6.5 Hardware: Update to SonicOS 6.5.5.1-6n or newer
– Gen 6/6.5 NSv: Update to SonicOS 6.5.4.v-21s-RC2457 or newer
– Gen 7: Update to SonicOS 7.0.1-5165 or newer
– TZ80: Update to SonicOS 8.0.0-8037 or newer
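The version strings above do not sort correctly as plain text (6.5.4.15-117n vs 6.5.5.1-6n, or the RC suffix on the NSv build), so a quick inventory check is easy to get wrong. The following is an added example, not code from SonicWall or from this page: it tokenizes a SonicOS version string into numeric and non-numeric runs, compares a device's build against the fixed build for its platform from the list above, and flags every device still below it. The platform labels, device names and the sample inventory (including the older NSv build 6.5.4.v-21s-RC2400) are constructed for the example.

```python
import re

# Fixed builds per platform, taken from the update list above.
# The platform labels are this example's own naming, not SonicWall's.
FIXED_VERSIONS = {
    "gen6-hardware": "6.5.5.1-6n",
    "gen6-nsv": "6.5.4.v-21s-RC2457",
    "gen7": "7.0.1-5165",
    "tz80": "8.0.0-8037",
}

# Split a version into runs of digits and runs of non-digits so that
# "6.5.4.15-117n" compares numerically field by field instead of as text.
_TOKEN = re.compile(r"\d+|[^\d]+")


def version_key(version: str) -> tuple:
    """Natural-sort key: digits compare as integers, other runs as lowercase text.
    Each element is tagged (0, int) or (1, str) so mixed positions never raise."""
    key = []
    for tok in _TOKEN.findall(version.strip()):
        if tok.isdigit():
            key.append((0, int(tok)))
        else:
            key.append((1, tok.lower()))
    return tuple(key)


def is_patched(platform: str, version: str) -> bool:
    """True when the device build is at or above the fixed build for its platform.
    Assumes the device is on the same release train as the listed fix; a build
    from a train not in the table cannot be judged from this list alone."""
    fixed = FIXED_VERSIONS[platform]
    return version_key(version) >= version_key(fixed)


# Constructed sample inventory: a mix of patched and unpatched builds.
INVENTORY = [
    {"name": "edge-fw-01", "platform": "gen7", "version": "7.0.1-5161"},
    {"name": "edge-fw-02", "platform": "gen7", "version": "7.0.1-5165"},
    {"name": "dc-fw-01", "platform": "gen6-hardware", "version": "6.5.4.15-117n"},
    {"name": "branch-tz80", "platform": "tz80", "version": "8.0.0-8037"},
    {"name": "cloud-nsv-01", "platform": "gen6-nsv", "version": "6.5.4.v-21s-RC2400"},
]


def triage(inventory: list) -> list:
    """Return the names of devices whose build is below the fixed version."""
    return [
        dev["name"]
        for dev in inventory
        if not is_patched(dev["platform"], dev["version"])
    ]


if __name__ == "__main__":
    for name in triage(INVENTORY):
        print(f"UNPATCHED: {name}")
```

The check only reads the version string; it says nothing about whether SSL VPN or SSH management is actually reachable from the internet on a given device, so pair it with the exposure review in the mitigations below.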
Recommended Mitigations:
– Limit SSL VPN access to trusted source addresses
– Disable internet-facing SSH management wherever possible
– Restrict firewall management access to authorized personnel and networks
– Install the fixed SonicOS builds listed above immediately; the access restrictions reduce exposure but are not a substitute for patching