![A firewall wake up call. [Research Saturday]](https://imgv2-2-f.scribdassets.com/img/audiobook/700174437/198x198/68a565f0ce/1705739217?v=1)
8 min listen
A firewall wake up call. [Research Saturday]
FromCyberWire Daily
ratings:
Length:
23 minutes
Released:
Jan 20, 2024
Format:
Podcast episode
Description
Jon Williams from Bishop Fox is sharing their research on "It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable." SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart after finding that NGFW series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities.
The research states "Our research found that the two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern." They also found that when they scanned SonicWall firewalls with management interfaces exposed to the internet, they found that 76% are vulnerable to one or both issues.
The research can be found here:
It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable
Learn more about your ad choices. Visit megaphone.fm/adchoices
The research states "Our research found that the two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern." They also found that when they scanned SonicWall firewalls with management interfaces exposed to the internet, they found that 76% are vulnerable to one or both issues.
The research can be found here:
It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable
Learn more about your ad choices. Visit megaphone.fm/adchoices
Released:
Jan 20, 2024
Format:
Podcast episode
More Episodes from CyberWire Daily
Encore: Monica Ruiz: Moving ahead when not many look like you. [Policy] [Career Notes] by CyberWire Daily