SonicWall firewall exploit lets hackers hijack VPN sessions, patch now www.bleepingcomputer.com/news/secu…

Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application.

The vendor warned about the high exploitation possibility of the flaw in a bulletin on January 7, urging administrators to upgrade their SonicOS firewalls' firmware to address the problem.

The flaw allows a remote attacker to hijack active SSL VPN sessions without authentication, granting them unauthorized access to the victim’s network.

On January 22 Bishop Fox researchers announced that they had developed an exploit for CVE-2024-53704 after a “significant reverse-engineering effort,” confirming SonicWall’s fears about the exploitation potential of the vulnerability.

After allowing some time for system administrators to apply the available patches, Bishop Fox released the full exploitation details on Monday.

Fixes were made available in SonicOS 8.0.0-8037 and later, 7.0.1-5165 and higher, 7.1.3-7015 and higher, and 6.5.5.1-6n and higher. For model-specific information, check out SonicWall’s bulletin here.