Actively exploited vulnerability

CVE-2024-53704: SonicWall SonicOS SSLVPN Improper Authentication Vulnerability

SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.

CISA KEV source 18 Feb 2025 added 11 Mar 2025 remediation due

Affected product

SonicWall · SonicOS

Known ransomware use: Known

Required action

Follow the source advisory and validate exposure in your environment.

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Related Yasna coverage

Recent reporting that mentions CVE-2024-53704.