Sonicwall reports authentication vulnerability in SonicOS SSL VPN

published: Feb. 9, 2024

Take action: This is not a panic mode vulnerability, yet the patch is fairly small change and easy to apply. Plan for a quick patch before someone makes a PoC and bots start attacking it.

Learn More

Sonicwall has addressed a high severity vulnerability in its SonicOS software which could potentially allow attackers to bypass authentication mechanisms within the SSL VPN feature, and gain unauthorized access to private corporate networks.

This vulnerability is tracked as CVE-2024-22394 (CVSS score 8.6), and arises from improper authentication processes within the SonicOS SSL VPN under certain conditions.

The impacted versions are Gen7 SonicWall firewalls operating on firmware version SonicOS 7.1.1-7040. Affected models include the TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSv 270, NSv 470, and NSv 870.

Sonicwall has released a firmware update (Build 7.1.1-7047) to mitigate the risk. Sonicwall has stated that there is currently no evidence of active exploitation of this vulnerability in the wild. Additionally, no public proof of concept (PoC) or reports of malicious use of this vulnerability have been reported to Sonicwall.

Sonicwall reports authentication vulnerability in SonicOS SSL VPN