January 16, 2024 at 09:39AM
Over 178,000 SonicWall firewalls are susceptible to two security vulnerabilities. These flaws could lead to denial-of-service conditions and remote code execution. While there’s no evidence of exploits, a proof-of-concept for one vulnerability has been released. The cybersecurity firm warns that bad actors could use these flaws to trigger repeated crashes and disrupt device functionality. It’s advised to update to the latest version and avoid exposing the management interface to the internet.
Summary of Meeting Notes:
Date: Jan 16, 2024
Subject: Newsroom Vulnerability / Network Security
– Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws, leading to potential denial-of-service (DoS) and remote code execution (RCE).
– Jon Williams, a senior security engineer at Bishop Fox, provided a technical analysis and highlighted that the vulnerabilities are fundamentally the same but exploitable at different HTTP URI paths.
– The vulnerabilities in question:
– CVE-2022-22274 (CVSS score: 9.4) – A stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote, unauthenticated attacker to cause DoS or potentially result in code execution in the firewall.
– CVE-2023-0656 (CVSS score: 7.5) – A stack-based buffer overflow vulnerability in the SonicOS allows a remote, unauthenticated attacker to cause DoS, which could result in a crash.
– While there are no reports of exploitation of the flaws in the wild, a proof-of-concept (PoC) for CVE-2023-0656 was published by the SSD Secure Disclosure team in April 2023.
– The cybersecurity firm uncovered multiple stack-based buffer overflow flaws in the SonicOS management web interface and SSL VPN portal that could lead to a firewall crash.
– It is recommended to update to the last version and ensure that the management interface isn’t exposed to the internet to safeguard against possible threats.
Please let me know if you need further details or have any specific requests.