icon

Digital safety starts here for both commercial and personal Use...

Defend Your Business Against the Latest WNY Cyber Threats We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you to choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deak daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Buffalo, New York
United States

Current Threat Data

Over 25,000 SonicWall VPN Firewalls Exposed to Critical Flaws

Summary:
A recent scan conducted by cybersecurity firm Bishop Fox uncovered 430,363 SonicWall publicly exposed firewall appliances. Among these, 25,485 SonicWall SSLVPN devices were found to be vulnerable to critical security flaws, while an additional 94,018 were vulnerable to high-severity issues. The scan also revealed that approximately 20,000 devices were running SonicOS/OSX firmware versions no longer supported by the vendor. Specifically, 6,633 devices were using Series 4 and 5 firmware, both of which reached end-of-life status several years ago. Another 14,077 devices were found to be using unsupported versions of Series 6 firmware, which is now only partially supported. Additionally, Bishop Fox identified 13,827 devices running unknown firmware versions, 197,099 devices running unsupported Series 6 firmware with unspecified versions, and 29,254 devices running unknown versions of Series 5 firmware.

Security Officer Comments:
With hundreds of thousands of firewall instances exposed to the internet, attackers have significant opportunities to identify and exploit vulnerabilities, outdated or unpatched firmware, misconfigurations, and weak passwords through brute-force methods to gain initial access. While the number of vulnerable endpoints has decreased from 178,000 in January 2024, there remains a large number of unpatched devices that attackers could exploit. Notably, publicly exposed and vulnerable (CVE-2022-22274CVE-2023-0656) SonicWall firewalls have been recently targeted by ransomware groups such as Fog and Akira to gain entry into victim networks, highlighting the need for organizations to apply patches promptly to mitigate potential attacks.

Suggested Corrections:
Organizations should prioritize updating their devices by applying the latest patches and firmware versions provided by SonicWall. Devices running outdated or end-of-life firmware, such as Series 4 and Series 5, should be replaced or upgraded to supported versions. Additionally, organizations should implement strong access controls, disable unnecessary public-facing services, and conduct regular vulnerability scans to identify and remediate any security weaknesses. By ensuring that all devices are running supported firmware and applying security updates promptly, organizations can reduce their exposure to cyber attacks.

Link(s):
https://bishopfox.com/blog/state-sonicwall-exposure-firmware-decryption-unlocks-insights 


https://www.bleepingcomputer.com/ne...wall-vpn-firewalls-exposed-to-critical-flaws/

Contact Us for Threat Assistance
Back to Current Threats