Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in SonicWall SonicOS
Alerts

Critical Vulnerability in SonicWall SonicOS

25 February 2025

SonicWall has released security updates addressing a critical vulnerability (CVE-2024-53704) affecting their SonicOS software.

SonicWall has released security updates addressing a critical vulnerability (CVE-2024-53704) affecting their SonicOS software. The proof-of-concept exploit code is publicly available and the vulnerability is reportedly being actively exploited.

Successful exploitation of the Improper Authentication vulnerability in the SSLVPN authentication mechanism could allow a remote attacker to bypass authentication.

The vulnerability affects the following SonicOS versions:

  • 8.0.0-8035

  • 7.1.2-7019

  • 7.1.1-7058 and older versions

Users and administrators of affected products are advised to update to the latest versions immediately.

More information is available here:

https://nvd.nist.gov/vuln/detail/CVE-2024-53704

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003

Back to top