From 8944f6b075492f01ca76bf976c7c59aa90ab995f Mon Sep 17 00:00:00 2001 From: Alwin Warringa Date: Fri, 10 Jan 2025 11:38:25 +0100 Subject: [PATCH] Update DIVD-2025-00002.md Aanpassingen na advies van Thijs --- _cases/2025/DIVD-2025-00002.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/_cases/2025/DIVD-2025-00002.md b/_cases/2025/DIVD-2025-00002.md index f035c8bf..5868ee66 100644 --- a/_cases/2025/DIVD-2025-00002.md +++ b/_cases/2025/DIVD-2025-00002.md @@ -9,6 +9,7 @@ researchers: - Thijs Alkemade (Computest) cves: - CVE-2024-53704 +- CVE-2024-40762 product: - SonicWall SonicOS versions: @@ -36,14 +37,12 @@ timeline: --- ## Summary -SonicWall has identified an Improper Authentication vulnerability in the SSLVPN authentication mechanism. A successful exploit of this vulnerability could allow an attacker to gain unauthorized access, with potential impacts to the confidentiality, integrity, and availability of the networks that were supposed to be protected by the VPN. +On 7 January 2025, SonicWall released patches for multiple vulnerabilities in Gen6 and Gen7 firewalls. The patched vulnerabilities include two vulnerabilities in the SSLVPN functionality that made it possible to take over established SSLVPN sessions, thereby gaining access to the internal network (CVE-2024-53704 and CVE-2024-40762). While SonicWall has not yet observed that these vulnerabilities are being exploited in the wild, they do describe them as at imminent risk of exploitation. ## Recommendations - To remediate {% cve CVE-2024-53704 %}, apply the patch as soon as possible for impacted products, latest patch builds are available for download on [mysonicwall.com](https://mysonicwall.com). ## What we are doing - DIVD is currently working to identify parties that are running a vulnerable version of SonicWall SSL-VPN service and to notify these parties. {% include timeline.html %} @@ -51,4 +50,5 @@ DIVD is currently working to identify parties that are running a vulnerable vers ## More information * {% cve CVE-2024-53704 %} +* {% cve CVE-2024-40762 %} * [SonicWall Security Bulletin](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003)