Check Point Advisories

SonicWall SonicOS Authentication Bypass (CVE-2024-53704)

Check Point Reference: CPAI-2024-1351
Date Published: 2 Feb 2025
Severity: Critical
Last Updated: Wednesday 19 February, 2025
Source:
Industry Reference:CVE-2024-53704
Protection Provided by:

Security Gateway
R81, R80, R77, R75
Who is Vulnerable? SonicWall SonicOS Gen7 Firewall TZ270 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall TZ270W 7.1.1-7058 and prior, 7.1.2-7019
SonicWall SonicOS Gen7 Firewall TZ370 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall TZ370W 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall TZ470 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall TZ470W 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall TZ570 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall TZ570W 7.1.1-7058 and prior, 7.1.2-7019.

SonicWall SonicOS Gen7 Firewall TZ570P 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall TZ670 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSa 2700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSa 3700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSa 4700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSa 5700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSa 6700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSsp 10700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSsp 11700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSsp 13700 7.1.1-7058 and prior, 7.1.2-7019.
SonicWall SonicOS Gen7 Firewall NSsp 15700 7.1.1-7058 and prior, 7.1.2-7019.

SonicWall SonicOS Gen7 NSv 270 7.1.1-7058 and prior, 7.1.2-7019
SonicWall SonicOS Gen7 NSv NSv 470 7.1.1-7058 and prior, 7.1.2-7019
SonicWall SonicOS Gen7 NSv NSv 870 7.1.1-7058 and prior, 7.1.2-7019
SonicWall SonicOS TZ80 7.1.1-7058 and prior, 7.1.2-7019
Vulnerability Description An authentication bypass vulnerability exists in SonicWall SonicOS. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

  1. In the IPS tab, click Protections and find the SonicWall SonicOS Authentication Bypass (CVE-2024-53704) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Web Server Enforcement Violation.
Attack Information:  SonicWall SonicOS Authentication Bypass (CVE-2024-53704)

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK