Security Alert (A24-03-12): Multiple Vulnerabilities in SonicWall Products


 

Published on: 13 March 2024

  
  

Description:

SonicWall released security advisories to address multiple vulnerabilities in SonicWall products. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.

 

Affected Systems:

  • SonicOS versions prior to 6.5.4.v_21s_RC2395, 6.5.4.14-107n, 7.0.1-5151, 7.1.1-7051
  • SonicWall Email Security Appliance versions prior to 10.0.28.7941

For detailed information of the affected products, please refer to the corresponding security advisories at vendor's website.

 

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to remote code execution, denial of service, information disclosure, spoofing or tampering on the affected system.

 

Recommendation:

Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0004
  • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0005
  • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0006
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22396 (to CVE-2024-22398)


Tag: SonicWall , SonicOS , SonicWall Email Security
Tags