Multiple Vulnerabilities in SonicWall SMA 100 Could Lead to Remote Code Execution
SonicWall has issued a security advisory regarding several vulnerabilities impacting its SMA 100 series SSL-VPN products. These flaws range from path traversal issues inherited from Apache HTTP Server to critical buffer overflows and authentication bypasses, exposing devices to potential remote code execution and data breaches.
“A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution,” warns the advisory, highlighting the severity of CVE-2024-45318. This vulnerability, along with another stack-based buffer overflow (CVE-2024-53703) and a heap-based buffer overflow (CVE-2024-40763), could allow attackers to seize control of affected devices.
Adding to the concern, CVE-2024-45319 enables attackers to “circumvent the certificate requirement during authentication,” effectively bypassing a critical security layer. Further compounding the risk is CVE-2024-53702, which flags the use of a weak random number generator in the backup code system. SonicWall warns that this “can be predicted by an attacker, potentially exposing the generated secret.”
While no active exploits have been reported yet, the potential for damage is significant. SonicWall “strongly advises users of the SMA 100 series products (SMA 200, 210, 400, 410, and 500v) to upgrade to the mentioned fixed release version to address these vulnerabilities.” This includes upgrading to SMA 100 Series version 10.2.1.14-75sv or higher.
It’s crucial to note that the SMA 1000 series remains unaffected by these vulnerabilities. However, for those reliant on the SMA 100 series, immediate action is paramount to mitigate the risk of compromise.
