sonicwall

SonicWall advises immediate firmware updates to fix a critical SSLVPN authentication bypass vulnerability (CVE-2024-53704, CVSS 8.2) affecting certain firewall models. Patches are available to prevent exploitation. Additional vulnerabilities noted include weak PRNG in SSL VPN tokens, SSRF in SSH management, and privilege escalation in cloud editions. Users should upgrade to specified SonicOS versions and limit access to mitigate risks.

SonicWall urges admins to patch exploitable SSLVPN bug immediately