⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities (KEV) list and has been used in known ransomware attacks. CISA required action: apply mitigations per vendor instructions, or discontinue use of the product if mitigations are unavailable. Due date: 2025-03-11.
CVE-2024-53704 — SonicWall SSLVPN: Improper Authentication in SonicOS
Severity: 9.8 Critical (NVD)
EPSS: 93.9% (top 0.13% of scored CVEs)
CISA KEV: listed, with known ransomware use. Added 2025-02-18, due 2025-03-11
Exploit: public exploit / PoC available
Affected products
Timeline
Published: Jan 9, 2025
KEV added: Feb 18, 2025
KEV due: Mar 11, 2025
Description
An improper authentication vulnerability in the SonicOS SSLVPN authentication mechanism allows an unauthenticated remote attacker (PR:N in the CVSS vector below) to bypass authentication.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability subscore: 3.9 | Impact subscore: 5.9
Affected Packages: 2 packages
Vulnerability Details (3 references)
GHSA (2025-01-09): GHSA-rwgq-wj29-fx3r: An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication
CVE List (2025-01-09): CVE-2024-53704: An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication
Exploits & PoCs
Nuclei (1 template): SSL VPN Session Hijacking
Detection Rules
Suricata (3 rules; 1 shown, 2025-02-13): ET WEB_SPECIFIC_APPS SonicOS SSLVPN Authentication Bypass HTTP Cookie (swap) (CVE-2024-53704)
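The Suricata rule above keys on the SSLVPN `swap` HTTP cookie. The following is an added example, not code from this page, from SonicWall or from Emerging Threats, showing how the same idea can be applied to raw HTTP requests pulled from a proxy or packet capture: parse the Cookie header, pull out `swap`, and flag values that are not well-formed session tokens. The endpoint path `/cgi-bin/sslvpnclient`, the sample requests, and the "decodes to all-null bytes" heuristic are assumptions made for this example; the page itself only states that the bypass involves the `swap` cookie.

```python
import base64
import binascii
from dataclasses import dataclass
from typing import Optional

# Constructed sample HTTP requests (not real captures). The endpoint path
# /cgi-bin/sslvpnclient and the cookie contents are assumptions made for this
# example; only the cookie name "swap" comes from the Suricata rule title.
BENIGN_TOKEN = base64.b64encode(bytes(range(1, 33))).decode()   # 32 distinct bytes
NULL_TOKEN = base64.b64encode(b"\x00" * 32).decode()            # 32 null bytes


def _request(path: str, cookie_header: Optional[str]) -> str:
    """Build a minimal raw HTTP/1.1 request string for the samples below."""
    lines = [f"GET {path} HTTP/1.1", "Host: vpn.example.test"]
    if cookie_header is not None:
        lines.append(f"Cookie: {cookie_header}")
    return "\r\n".join(lines) + "\r\n\r\n"


SAMPLE_REQUESTS = [
    _request("/cgi-bin/sslvpnclient", f"swap={BENIGN_TOKEN}"),  # expected: no finding
    _request("/cgi-bin/sslvpnclient", f"swap={NULL_TOKEN}"),    # expected: all-null bytes
    _request("/cgi-bin/sslvpnclient", "swap=not!base64"),       # expected: invalid base64
    _request("/cgi-bin/sslvpnclient", "swap="),                 # expected: empty value
    _request("/cgi-bin/sslvpnclient", "other=abc"),             # no swap cookie: skipped
    _request("/", None),                                        # no Cookie header: skipped
]


@dataclass
class Finding:
    path: str
    swap: str
    reason: str


def parse_request(raw: str) -> tuple[str, dict]:
    """Return (request path, lower-cased header dict) from a raw HTTP request."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    path = parts[1] if len(parts) > 1 else ""
    headers = {}
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return path, headers


def parse_cookies(cookie_header: str) -> dict:
    """Split a Cookie header value into a name -> value dict."""
    cookies = {}
    for part in cookie_header.split(";"):
        if "=" in part:
            name, value = part.strip().split("=", 1)
            cookies[name] = value
    return cookies


def check_swap_cookie(raw_request: str) -> Optional[Finding]:
    """Return a Finding if the request's swap cookie looks forged, else None.

    Heuristics (assumed, not taken from the page): a legitimate session token is
    valid base64 that decodes to a non-empty value with real entropy; a token that
    is not base64, is empty, or decodes to nothing but null bytes is suspicious.
    """
    path, headers = parse_request(raw_request)
    swap = parse_cookies(headers.get("cookie", "")).get("swap")
    if swap is None:
        return None
    try:
        decoded = base64.b64decode(swap, validate=True)
    except (binascii.Error, ValueError):
        return Finding(path, swap, "swap cookie is not valid base64")
    if not decoded:
        return Finding(path, swap, "swap cookie decodes to an empty value")
    if all(b == 0 for b in decoded):
        return Finding(path, swap, "swap cookie decodes to all-null bytes")
    return None


def scan_requests(raw_requests) -> list[Finding]:
    """Run check_swap_cookie over many requests and keep only the hits."""
    return [f for f in (check_swap_cookie(r) for r in raw_requests) if f is not None]


if __name__ == "__main__":
    for f in scan_requests(SAMPLE_REQUESTS):
        print(f"{f.path}: {f.reason} (swap={f.swap!r})")
```

Run against the constructed samples, the scanner reports three findings (the all-null token, the non-base64 value and the empty value) and stays silent on the benign token and on requests with no `swap` cookie. On a real deployment the check belongs on traffic to the SSLVPN portal only, and a hit should be correlated with the session that the forged cookie would have hijacked, since the CVE's impact is session takeover rather than a crash.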