Home https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ Technology https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ 800,000 SonicWall VPNs vulnerable to new external code execution errors

800,000 SonicWall VPNs vulnerable to new external code execution errors


Image: SonicWall

Nearly 800,000 Internet access SonicWall VPN devices need to be updated and patched for a major new vulnerability announced Wednesday.


35 was discovered by the Tripwire VERT security team and affects SonicOS, the operating system running on SonicWall Network Security Appliance (NSA) devices.

SonicWall NSAs are used as firewalls and SSL VPN portals to filter, control and give employees access to internal and private networks.

Tripwire researchers say SonicOS contains a bug in a component that handles custom protocols.

The component is exposed on the WAN (public Internet) interface, which means that any attacker can exploit it as long as they are aware of the device’s IP address.

Tripwire said exploitation of the bay is trivial, even for unskilled attackers. In its simplest form, the error can cause a denial of service and crash devices, but “exploiting code execution is likely possible.”

The security firm said it reported the bug to the SonicWall team that released patches on Monday.

On Wednesday, when it revealed the CVE-2020-5135 bug on its blog, Tripwire VERT security researcher Craig Young said the company had identified 795,357 SonicWall VPNs that were connected online and likely likely to be vulnerable.

CVE-2020-5135 is considered a critical error with a rating of 9.4 out of 10 and is expected to be in active use once proof-of-concept code has been made publicly available. Exploitation of the vulnerability does not require the attacker to have valid credentials as the bay manifests itself before any authentication operations.

The bug is also SonicWall’s second major bug this year after CVE-2019-7481, released earlier this winter.

Durable and Microsoft researchers have shared this week Shodan works to identify SonicWall VPNs and get them patched.

“At this time, SonicWall is not aware of any vulnerability that has been exploited or that any customer has been affected,” a spokesman for ZDNet said in an email.

Updated at 10:45 ET with statement from SonicWall.

Source link