Strengthening Your Network: Critical Patches Needed for SonicWall SSLVPN Vulnerability

By /
two bullet surveillance cameras attached on wall
two bullet surveillance cameras attached on wall

Introduction: Your Network, Our Priority

At Praslin IT, our mantra is clear: “Your network, our priority.” In line with our commitment to safeguarding your digital assets, we want to inform you about a critical security update concerning SonicWall’s SSLVPN feature. Immediate action is required to protect your business from potential vulnerabilities.

Critical Update for SonicWall SSLVPN

A critical security issue, identified as CVE-2024-40766, affects various versions of SonicWall’s SonicOS. It is crucial to apply the latest patches for the impacted products and versions outlined below:

  • SonicWall Gen 5: Running SonicOS version 5.9.2.14-12o and older – The issue is resolved in SonicOS version 5.9.2.14-13o.
  • SonicWall Gen 6: Running SonicOS version 6.5.4.14-109n and older – Fixed in version 6.5.2.8-2n (for SM9800, NSSP 12400, NSSP 12800) and version 6.5.4.15-116n (for other Gen 6 firewalls).
  • SonicWall Gen 7: Running SonicOS version 7.0.1-5035 and older – The issue is not reproducible in version 7.0.1-5035 and later.

Mitigation Steps Recommended by SonicWall

To ensure your network remains secure, SonicWall has issued the following recommendations:

Restrict Management Access

Limit firewall management to trusted sources and disable internet access to the WAN management portal whenever possible.

Control SSLVPN Access

Restrict SSLVPN access to trusted sources only. If SSLVPN is not necessary, consider disabling it entirely.

Update Local Accounts

For Gen 5 and Gen 6 devices, SSLVPN users with local accounts should immediately update their passwords. Administrators should also enable the “user must change password” option for local users.

Enable MFA

Implement multi-factor authentication (MFA) for all SSLVPN users using TOTP or email-based one-time passwords (OTPs). Detailed configuration instructions are available [here].

Conclusion

Securing your network is of utmost importance to us. Please ensure you follow the outlined steps and apply the necessary patches to protect against these vulnerabilities. Stay proactive in safeguarding your digital assets.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Call Book
Review Your Cart
0
Add Coupon Code
Subtotal
Checkout

 
Scroll to Top