Remote Unauthorized Access Vulnerability Patched in SonicWall Firewalls
Introduction
The bug, tracked as CVE-2024-53704, has been patched in a firmware upgrade available since January 7, which also sealed other, less-critical vulnerabilities.
Background
SonicWall’s network security appliances use the SonicOS SSLVPN to enable secure remote access to internal network resources over the internet.
Impact
A vulnerability with a CVSS score of 8.2/10, the bug impacts a number of Gen6 and Gen7 firewalls. The fixed versions include:
- SonicOS 6.5.5.1-6n or newer for hardware firewalls
- SonicOS 6.5.4.v-21s-RC2457 or newer for NSv firewalls
- SonicOS 7.0.1-5165 or newer for Gen 7 firewalls
Recommendation
We strongly recommend that all affected customers upgrade to the latest firmware version to ensure the security and integrity of their networks.
Conclusion
In conclusion, the recent vulnerability patching in SonicWall firewalls highlights the importance of regular security updates and maintenance to ensure the protection of networks and data. It is crucial for organizations to stay vigilant and proactive in addressing potential threats to ensure business continuity and minimize the risk of data breaches.
FAQs
- What is the CVE number of the vulnerability? The CVE number is CVE-2024-53704.
- What is the CVSS score of the vulnerability? The CVSS score is 8.2/10.
- Which firewalls are affected by the vulnerability? The vulnerability impacts a number of Gen6 and Gen7 firewalls.
- What are the fixed versions of the firmware? The fixed versions include SonicOS 6.5.5.1-6n or newer for hardware firewalls, SonicOS 6.5.4.v-21s-RC2457 or newer for NSv firewalls, and SonicOS 7.0.1-5165 or newer for Gen 7 firewalls.
- What is the recommendation for affected customers? We strongly recommend that all affected customers upgrade to the latest firmware version to ensure the security and integrity of their networks.
