Nearly 800,000 VPNs around the world need urgent patching after a vendor issued a security update for a critical flaw this week.

Researchers from Tripwire found the stack-based buffer overflow vulnerability in SonicWall’s Network Security Appliance (NSA), or more specifically, its underlying SonicOS software.

According to Tripwire security researcher Craig Young, who discovered the bug, the problem exists in the HTTP/HTTPS service used for product management and SSL VPN remote access. It can apparently be triggered by an unauthenticated HTTP request involving a custom protocol handler.

“An unskilled attacker can use this flaw to cause a persistent denial of service condition,” Young continued.

“Tripwire VERT has also confirmed the ability to divert execution flow through stack corruption indicating that a code execution exploit is likely feasible. This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public internet.”

With over 795,000 SonicWall devices exposed according to a Shodan search made by Tripwire on Wednesday, the bug could be exploited to cause widespread damage.

According to SonicWall, the vulnerability has a CVSS score of 9.4, perhaps a reflection of the fact it could lead not only to denial of service but also arbitrary remote code execution.

The affected versions are: SonicOS 6.5.4.7-79n and earlier, SonicOS 6.5.1.11-4n and earlier, SonicOS 6.0.5.3-93o and earlier, SonicOSv 6.5.4.4-44v-21-794 and earlier and SonicOS 7.0.0.0-1.

VPN systems are increasingly being targeted by attackers looking to find a way into corporate systems, given the large numbers of remote workers currently reliant on them.

In April it was confirmed that cyber-criminals were exploiting known bugs in Citrix and Pulse Secure VPNs to deploy ransomware in hospitals, while just this week it emerged that other attackers were chaining VPN exploits with Zerologon to compromise Active Directory (AD) identity services.

“Immediately upon discovery, SonicWall researchers conducted extensive testing and code review to confirm the third-party research. This analysis led to the discovery of additional unique vulnerabilities to virtual and hardware appliances requiring CVE listings based on CVSS,” it explained.

“The PSIRT team worked to duplicate the issues and develop, test and release patches for the affected products. At this time, SonicWall is not aware of a vulnerability that has been exploited or that any customer has been impacted.”

Source: https://www.infosecurity-magazine.com/news/800k-sonicwall-vpns-critical-flaw/

SonicWall, Virtual private network, Computer security, Vulnerability, Arbitrary code execution, Common Vulnerabilities and Exposures, Firewall

World news – GB – Nearly 800,000 SonicWall VPNs Need Critical Flaw Patching

En s’appuyant sur ses expertises dans les domaines du digital, des technologies et des process , CSS Engineering vous accompagne dans vos chantiers de transformation les plus ambitieux et vous aide à faire émerger de nouvelles idées, de nouvelles offres, de nouveaux modes de collaboration, de nouvelles manières de produire et de vendre.

CSS Engineering s’implique dans les projets de chaque client comme si c’était les siens. Nous croyons qu’une société de conseil devrait être plus que d’un conseiller. Nous nous mettons à la place de nos clients, pour aligner nos incitations à leurs objectifs, et collaborer pour débloquer le plein potentiel de leur entreprise. Cela établit des relations profondes et agréables.

Nos services:

  1. Création des sites web professionnels
  2. Hébergement web haute performance et illimité
  3. Vente et installation des caméras de vidéo surveillance
  4. Vente et installation des système de sécurité et d’alarme
  5. E-Marketing

Toutes nos réalisations ici https://www.css-engineering.com/en/works/

LEAVE A REPLY

Please enter your comment!
Please enter your name here