SonicWall warns admins to patch critical auth bypass bugs immediately


SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company’s Global Management System (GMS) firewall management and Analytics network reporting engine software suites.

In total, the American cybersecurity company addressed a total of 15 security flaws today, including ones that can let threat actors gain access to vulnerable on-prem systems running GMS 9.3.2-SP1 or earlier and Analytics 2.5.0.4-R7 or earlier after bypassing authentication.

“This suite of vulnerabililtes, which was responsibility disclosed, includes four (4) vulnerabilities with a CVSSv3 rating of CRITICAL, that allows an attacker to bypass authentication and could potentially result in exposure of sensitive information to an unauthorized actor,” SonicWall said.

“SonicWall PSIRT strongly suggests that organizations using the GMS/Analytics On-Prem version outlined below should upgrade to the respective patched version immediately.”

The list of critical vulnerabilities that admins should patch immediately by upgrading to GMS 9.3.3 and Analytics 2.5.2 includes:

  • CVE-2023-34124: Web Service Authentication Bypass
  • CVE-2023-34133: Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass
  • CVE-2023-34134: Password Hash Read via Web Service
  • CVE-2023-34137: CAS Authentication Bypass

They can be exploited remotely by unauthenticated threat actors in low-complexity attacks that don’t require user interaction.

Successful exploitation enables unauthorized access to data that would typically be inaccessible to an attacker, according to a security advisory published on Wednesday.

Such data may include information belonging to other users or any data within the compromised application’s reach. Following compromise, attackers can manipulate or delete this data, resulting in “persistent changes” to the hacked application’s content or functionality.

SonicWall PSIRT has no knowledge of public reports of proof of concept (PoC) exploit code or active exploitation of this vulnerability occurring in the wild before the bugs were disclosed and patched.

The company’s appliances have a history of being targeted in ransomware (e.g., HelloKitty, FiveHands) and cyber-espionage attacks.

For instance, in March, SonicWall PSIRT and Mandiant revealed that suspected Chinese hackers installed custom malware on unpatched SonicWall Secure Mobile Access (SMA) appliances to gain long-term persistence for cyber-espionage campaigns.

SonicWall’s products are used by over 500,000 business customers spanning 215 countries and territories globally, including government agencies and some of the largest companies worldwide.



Source link