Critical VPN Vulnerabilities Expose Millions to Remote System Attacks
Critical VPN Vulnerabilities Discovered in Palo Alto Networks and SonicWall Clients

Security researchers have identified significant security flaws in popular VPN clients from Palo Alto Networks and SonicWall, potentially exposing Windows and macOS users to remote code execution attacks through compromised VPN servers.

The Palo Alto Networks GlobalProtect vulnerability (CVE-2024-5921) carries a CVSS score of 5.6 and affects Windows, macOS, and Linux versions. The flaw stems from insufficient certificate validation and has been patched in Windows version 6.2.6.
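To make the "insufficient certificate validation" failure concrete, the following Go program is an added example and is not code from Palo Alto Networks, SonicWall, or the article. It builds its own throwaway PKI in memory (a constructed root CA and a constructed gateway name, vpn.example.com) and compares a weak validator that only checks expiry and hostname with a strict one that also requires a chain to a trusted root. A rogue self-signed certificate that merely claims the gateway's name slips past the weak check but is rejected by the strict one, which is exactly the gap a malicious VPN server needs.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// issue builds a certificate for name. With parent == nil the certificate is
// self-signed; otherwise it is signed by parent using parentKey.
func issue(name string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 120))
	serial.Add(serial, big.NewInt(1)) // serial numbers must be positive
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		// Server certificates carry the name in the SAN list and a server-auth EKU.
		tmpl.DNSNames = []string{name}
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	signer, signerKey := tmpl, key
	if parent != nil {
		signer, signerKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// StrictVerify performs the checks a VPN client must not skip: a chain to a
// trusted root, the validity period, and a hostname match against the SANs.
func StrictVerify(leaf *x509.Certificate, roots *x509.CertPool, hostname string) error {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: hostname})
	return err
}

// WeakVerify models insufficient validation: it checks dates and the name but
// never who signed the certificate, so any self-signed certificate that
// presents the expected name is accepted.
func WeakVerify(leaf *x509.Certificate, hostname string) error {
	now := time.Now()
	if now.Before(leaf.NotBefore) || now.After(leaf.NotAfter) {
		return errors.New("certificate outside its validity period")
	}
	return leaf.VerifyHostname(hostname)
}

// Outcome records which certificates each validator accepts.
type Outcome struct {
	StrictAcceptsGenuine   bool
	StrictRejectsRogue     bool
	StrictRejectsWrongName bool
	WeakAcceptsRogue       bool
}

// Evaluate builds a trusted root, a genuine gateway certificate, a certificate
// for a different name, and a rogue self-signed certificate that claims the
// gateway's name, then runs both validators over them.
func Evaluate() Outcome {
	const gateway = "vpn.example.com" // constructed gateway name, not a real host
	ca, caKey := issue("Example Corp VPN Root CA", true, nil, nil)
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	genuine, _ := issue(gateway, false, ca, caKey)
	wrongName, _ := issue("other.example.com", false, ca, caKey)
	rogue, _ := issue(gateway, false, nil, nil) // self-signed, untrusted issuer
	return Outcome{
		StrictAcceptsGenuine:   StrictVerify(genuine, roots, gateway) == nil,
		StrictRejectsRogue:     StrictVerify(rogue, roots, gateway) != nil,
		StrictRejectsWrongName: StrictVerify(wrongName, roots, gateway) != nil,
		WeakAcceptsRogue:       WeakVerify(rogue, gateway) == nil,
	}
}

func main() {
	fmt.Printf("%+v\n", Evaluate())
}
```

The design point is that a name match and an unexpired date are not evidence of identity on their own; only the chain check ties the presented key to an issuer the client already trusts, so a client that omits it will connect to whichever server its DNS or network path delivers.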

SonicWall’s SMA100 NetExtender client (CVE-2024-29014) presents a more severe risk with a CVSS score of 7.1, affecting Windows client versions 10.2.339 and earlier. This vulnerability enables arbitrary code execution through EPC Client updates and has been resolved in version 10.2.341.

Potential attack vectors include:
• Malicious VPN servers distributing harmful updates
• Credential theft and privilege escalation via GlobalProtect
• Code execution through compromised NetExtender EPC updates
• Exploitation through malicious websites and infected documents

While no active exploits have been detected, users are strongly advised to update their VPN clients to the latest versions immediately.