Warning: High-Severity Vulnerability Affects Sonicwall
CVE-2024-22394 CVSS 8.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)
Bronnen
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003
Risico’s
SonicWall has released a security patch to address a high-severity vulnerability that is affecting SonicOS.
The vulnerability has a low attack complexity, does not require user interaction, and has a HIGH impact on Confidentiality.
Beschrijving
CVE-2024-22394: Authentication Bypass
An improper authentication vulnerability in SonicWall SonicOS SSL-VPN feature allows a remote attacker to bypass authentication and access the system.
Aanbevolen acties
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
Referenties
https://securityonline.info/cve-2024-22394-exposed-sonicwall-ssl-vpns-authentication-flaw/
https://nvd.nist.gov/vuln/detail/CVE-2024-22394
https://www.sonicwall.com/support/knowledge-base/how-can-i-upgrade-sonicos-firmware/170504337655458/