Multiple Apache Products Vulnerabilities

January 17, 2025

ICS: Multiple Siemens Products Vulnerabilities

January 17, 2025

CVE-2024-12802 – SonicWall SSL-VPN Vulnerability

January 17, 2025

Severity

High

Analysis Summary

CVE-2024-12802

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2024-12802

Affected Vendors

Sonicwall

Affected Products

SonicWall Gen7 Firewalls
SonicWall Gen6 NSv
SonicWall Gen6 Firewalls
SonicWall TZ80

Remediation

Refer to SonicWall Security Advisory for patch, upgrade, or suggested workaround information.

SonicWall Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CVE-2025-6554 – Google Chrome Vulnerability

Multiple D-Link Products Vulnerabilities

Multiple GitLab Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Apache Products Vulnerabilities

ICS: Multiple Siemens Products Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation