#SonicWall – Xynik

SonicWall Patches 6 Vulnerabilities in Secure Access Gateway

December 6, 2024 by Xynik

December 6, 2024 at 07:30AM SonicWall released urgent patches for multiple high-severity vulnerabilities in the SMA100 SSL-VPN gateway, including buffer overflow flaws (CVE-2024-45318, CVE-2024-53703) allowing remote code execution, a path traversal issue (CVE-2024-38475), and an authentication bypass (CVE-2024-45319). Users must update to firmware version 10.2.1.14-75sv. ### Meeting Takeaways: SonicWall Security Vulnerabilities Update 1. **Vulnerability Announcement**: … Read more

NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise

December 3, 2024 by Xynik

December 3, 2024 at 06:03AM Cybersecurity researchers identified vulnerabilities in Palo Alto Networks and SonicWall VPN clients, allowing potential remote code execution on Windows and macOS systems. Exploiting these flaws via a rogue VPN server could lead to malicious software installation. Users are urged to apply patches to mitigate risks. No active exploitation reported yet. … Read more

New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products

November 27, 2024 by Xynik

November 27, 2024 at 04:59AM Researchers from AmberWolf revealed a new attack method targeting corporate VPN clients, exposing vulnerabilities in widely used software like Palo Alto Networks and SonicWall. They published NachoVPN, an open-source tool to demonstrate these exploits. While patches exist, exploitation requires users to connect to rogue servers, often via social engineering. ### … Read more

New NachoVPN attack uses rogue VPN servers to install malicious updates

November 26, 2024 by Xynik

November 26, 2024 at 05:35PM Security researchers identified vulnerabilities in Palo Alto and SonicWall VPN clients, allowing attackers to exploit unpatched systems via rogue VPN servers. The “NachoVPN” tool simulates these attacks. Patches have been released, and AmberWolf provided advisories with mitigation recommendations to protect networks from these risks. ### Meeting Takeaways: NachoVPN Vulnerabilities 1. … Read more

Critical SonicWall SSLVPN bug exploited in ransomware attacks

September 9, 2024 by Xynik

September 9, 2024 at 05:52PM Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims’ networks, impacting Gen 5, Gen 6, and Gen 7 firewalls. The vulnerability initially affected the firewalls’ management access interface, but was later found to also impact the SSLVPN feature and exploited in attacks. Mitigation measures … Read more

Akira Ransomware Actors Exploit SonicWall Bug for RCE

September 9, 2024 by Xynik

September 9, 2024 at 05:00PM Akira ransomware affiliates are exploiting a critical remote code execution vulnerability (CVE-2024-40766) in SonicWall’s Gen 5, Gen 6, and some Gen 7 firewall products. The US CISA has added it to their list of known exploited vulnerabilities. SonicWall advises customers to update affected appliances and take measures to limit firewall … Read more

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

September 6, 2024 by Xynik

September 6, 2024 at 01:27PM SonicWall disclosed an actively exploited security flaw in SonicOS, urging immediate patching. The vulnerability (CVE-2024-40766) affects management access and SSLVPN, with potential unauthorized access and firewall crashes. Temporary solutions include restricting firewall management and implementing multi-factor authentication. The flaw’s exploitation in the wild has led to urgent patch recommendations for … Read more

SonicWall SSLVPN access control flaw is now exploited in attacks

September 6, 2024 by Xynik

September 6, 2024 at 09:25AM SonicWall warns of potential exploitation of recently fixed access control flaw (CVE-2024-40766) in SonicOS. Urges admins to promptly apply patches to mitigate attacks. It seems that there’s a warning from SonicWall about a potential exploitation of a recently fixed access control flaw (CVE-2024-40766) in SonicOS. Admins are being urged to … Read more

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild

September 6, 2024 by Xynik

September 6, 2024 at 09:18AM SonicWall warns customers of a potential exploit in a recently patched SonicOS vulnerability (CVE-2024-40766). The vulnerability impacts Gen 5, Gen 6, and Gen 7 firewalls, allowing unauthorized access and possible crashes. They advise immediate patching and password updates to mitigate risks. There are no reports of exploitation yet. Based on … Read more

Second Apache OFBiz Vulnerability Exploited in Attacks

August 28, 2024 by Xynik

August 28, 2024 at 06:54AM CISA added a second Apache OFBiz flaw, CVE-2024-38856, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability allows unauthenticated remote code execution in impacted versions through 18.12.14. SonicWall, who discovered the flaw, described it as critical, with PoC exploits emerging in early August. This is the second Apache OFBiz vulnerability … Read more