CVE-2024-53704: SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
First published: Thu Jan 09 2025(Updated: )
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWall SonicOS | ||
| All of | ||
| Any of | ||
| SonicWall SonicOS | >=7.1.1-7040<=7.1.1-7058 | |
| SonicWall SonicOS | =7.1.2-7019 | |
| Any of | ||
| SonicWall NSA 2700 | ||
| SonicWall NSA 3700 Firmware | ||
| SonicWall NSA 4700 | ||
| SonicWall NSA 5700 | ||
| SonicWall NSA 6700 Firmware | ||
| SonicWall NSSP 10700 Firmware | ||
| SonicWall NSSP 11700 | ||
| SonicWall NSSP 13700 | ||
| SonicWall NSSP 15700 | ||
| SonicWall NSV 270 | ||
| SonicWall NSV 470 Firmware | ||
| SonicWall NSv 870 | ||
| SonicWall TZ270 | ||
| SonicWall TZ270W Firmware | ||
| SonicWall TZ370 | ||
| SonicWall TZ370W Firmware | ||
| SonicWall TZ470 Firmware | ||
| SonicWall TZ470W Firmware | ||
| SonicWall TZ570 Firmware | ||
| SonicWall TZ570P Firmware | ||
| SonicWall TZ570W Firmware | ||
| SonicWall TZ670 Firmware | ||
| All of | ||
| SonicWall SonicOS | =8.0.0-8035 | |
| SonicWall TZ80 |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-patch-exploitable-sslvpn-bug-immediately/
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003
- https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-sma1000-rce-flaw-exploited-in-zero-day-attacks/
- https://www.bleepingcomputer.com/news/security/sonicwall-firewall-bug-targeted-in-attacks-after-poc-exploit-release/
- https://www.bleepingcomputer.com/news/security/sonicwall-firewall-bug-leveraged-in-attacks-after-poc-exploit-release/
- https://www.theregister.com/2025/02/14/sonicwall_firewalls_under_attack_patch/
- https://www.bleepingcomputer.com/news/security/sonicwall-firewall-exploit-lets-hackers-hijack-vpn-sessions-patch-now/
- https://nvd.nist.gov/vuln/detail/CVE-2024-53704
Frequently Asked Questions
What is the severity of CVE-2024-53704?
CVE-2024-53704 is classified as a critical severity vulnerability due to its impact on authentication bypass.
How do I fix CVE-2024-53704?
To resolve CVE-2024-53704, administrators should update SonicWall SonicOS to the latest patched version.
Which versions of SonicWall SonicOS are affected by CVE-2024-53704?
CVE-2024-53704 affects SonicWall SonicOS versions between 7.1.1-7040 and 7.1.2-7019, as well as 8.0.0-8035.
Can CVE-2024-53704 be exploited remotely?
Yes, CVE-2024-53704 can be exploited by remote attackers to bypass the SSLVPN authentication mechanism.
What is the potential impact of CVE-2024-53704 on affected systems?
The potential impact of CVE-2024-53704 includes unauthorized access to systems and data, leading to significant security breaches.
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-53704
- alias/CVE-2024-40762
- alias/CVE-2024-53705
- alias/CVE-2024-53706
- agent/weakness
- agent/first-publish-date
- agent/type
- agent/author
- alias/CVE-2025-23006
- collector/the-register
- source/The Register
- agent/news-ai
- exploited/true
- agent/title
- agent/source
- agent/references
- agent/remedy
- agent/description
- agent/trending
- agent/severity
- agent/last-modified-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/softwarecombine
- agent/tags
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- collector/nvd-api
- vendor/sonicwall
- canonical/sonicwall sonicos ssl vpn nac agent
- version/sonicwall sonicos ssl vpn nac agent/7.1.1-7040
- version/sonicwall sonicos ssl vpn nac agent/7.1.1-7058
- version/sonicwall sonicos ssl vpn nac agent/7.1.2-7019
- canonical/sonicwall nsa 2700
- canonical/sonicwall nsa 3700 firmware
- canonical/sonicwall nsa 4700
- canonical/sonicwall nsa 5700
- canonical/sonicwall nsa 6700 firmware
- canonical/sonicwall nssp 10700 firmware
- canonical/sonicwall nssp 11700
- canonical/sonicwall nssp 13700
- canonical/sonicwall nssp 15700
- canonical/sonicwall nsv 270
- canonical/sonicwall nsv 470 firmware
- canonical/sonicwall nsv 870
- canonical/sonicwall tz270
- canonical/sonicwall tz270w firmware
- canonical/sonicwall tz370
- canonical/sonicwall tz370w firmware
- canonical/sonicwall tz470 firmware
- canonical/sonicwall tz470w firmware
- canonical/sonicwall tz570 firmware
- canonical/sonicwall tz570p firmware
- canonical/sonicwall tz570w firmware
- canonical/sonicwall tz670 firmware
- version/sonicwall sonicos ssl vpn nac agent/8.0.0-8035
- canonical/sonicwall tz80