Multiple SonicWall Vulnerabilities Let Attackers Execute Remote Code

SonicWall has issued a critical alert regarding multiple vulnerabilities in its Secure Mobile Access (SMA) 100 series SSL-VPN appliances.

These vulnerabilities could allow attackers to execute remote code, bypass authentication, or compromise system integrity.

SonicWall urges users to take immediate action by updating their devices to the latest firmware to mitigate these risks.

These issues affect SMA 200, 210, 400, 410, and 500v appliances running firmware version 10.2.1.13-72sv or earlier. Products from the SonicWall SSL VPN SMA1000 series are confirmed to be unaffected.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

Vulnerability List

1. CVE-2024-38475: Path Traversal Vulnerability
   Originating from Apache HTTP Server’s mod_rewrite module, this vulnerability allows attackers to map URLs to sensitive filesystem locations, potentially exposing restricted files.
2. CVE-2024-40763: Heap-Based Buffer Overflow
   A heap-based buffer overflow in SMA100 devices, caused by improper memory handling, can be exploited by attackers to execute malicious code or crash the system.
3. CVE-2024-45318: Stack-Based Buffer Overflow
   A vulnerability in the SMA100 web management interface permits attackers to trigger a stack-based buffer overflow, potentially allowing the execution of arbitrary code on the device.
4. CVE-2024-45319: Certificate-Based Authentication Bypass
   This flaw allows attackers to bypass the certificate requirement during authentication, granting unauthorized access to the system.
5. CVE-2024-53702: Insecure Randomness
   The use of a weak pseudo-random number generator (PRNG) in the SMA100 backup code mechanism can enable attackers to predict the output, potentially exposing sensitive information.
6. CVE-2024-53703: Stack-Based Buffer Overflow in Apache
   A stack-based buffer overflow in the mod_httprp library used by SMA100 devices running Apache allows attackers to execute arbitrary code remotely.

Affected Products

The vulnerabilities impact the SonicWall SMA 100 series (SMA 200, 210, 400, 410, 500v), specifically firmware version 10.2.1.13-72sv and earlier.

The following table provides a detailed summary of affected products and versions:

Product Series	Product Models	Affected Firmware Version
SonicWall SMA 100	SMA 200, SMA 210	10.2.1.13-72sv and earlier
	SMA 400, SMA 410	10.2.1.13-72sv and earlier
	SMA 500v	10.2.1.13-72sv and earlier
SonicWall SMA 1000	All models	Not affected

SonicWall recommends all users immediately update to the latest firmware to address these issues.

SonicWall has stated there is currently no evidence of active exploitation in the wild, but given the severity of these vulnerabilities, organizations are urged to act without delay.

Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses