January 16, 2024 at 09:12AM
Report: Many SonicWall next-generation firewall devices are unpatched for critical vulnerabilities CVE-2022-22274 and CVE-2023-0656, with potential for DoS and RCE attacks. Over 178,000 vulnerable devices found, and new PoC exploits developed. Recommendations include applying patches immediately due to known exploitation in malicious attacks.
Key Takeaways from Meeting Notes:
– Cybersecurity firm Bishop Fox reports that the majority of SonicWall next-generation firewall series 6 and 7 devices have not been patched against two potentially serious vulnerabilities: CVE-2022-22274 and CVE-2023-0656.
– These vulnerabilities are critical- and high-severity and can be exploited remotely without authentication, potentially leading to denial-of-service (DoS) and remote code execution (RCE) attacks.
– SonicWall released patches for these vulnerabilities in March 2022 and March 2023, but a significant number of devices with publicly accessible web management interfaces remain unpatched.
– Bishop Fox discovered that over 178,000 SonicWall firewalls are vulnerable to at least one of the security defects.
– The cyber firm found that almost all of the 146,000 vulnerable SonicWall firewalls are missing patches for both vulnerabilities, with the risk of potential exploitation in malicious attacks.
– There are PoC code targeting CVE-2023-0656 that has been publicly available since April 2023. Additionally, Bishop Fox identified a link between CVE-2022-22274 and CVE-2023-0656, creating new PoC exploits for both vulnerabilities.
– SonicWall customers are strongly advised to apply the available patches as soon as possible to mitigate the risk of exploitation by malicious actors.
Feel free to reach out if further clarification or detail is needed.