April 18, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Remcos RAT – Active IOCs
June 21, 2024Android Malware ‘Rafel RAT’ Evolves from Espionage Tool to Ransomware Operations – Active IOCs
June 21, 2024Remcos RAT – Active IOCs
June 21, 2024Android Malware ‘Rafel RAT’ Evolves from Espionage Tool to Ransomware Operations – Active IOCs
June 21, 2024
Severity
Medium
Analysis Summary
CVE-2024-22395 CVSS:6.3
SonicWall SMA100 could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to associate another user's MFA mobile application.
CVE-2024-22396 CVSS:5.3
SonicWall SonicOS is vulnerable to a denial of service, caused by an integer-based buffer overflow. By sending a specially crafted IKEv2 payload, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-29013 CVSS:5.3
SonicWall SonicOS SSLVPN is vulnerable to a denial of service, caused by a heap-based buffer overflow. By using memcpy function, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
Impact
- Security Bypass
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-22395
- CVE-2024-22396
- CVE-2024-29013
Affected Vendors
Sonicwall
Affected Products
- SonicWall SonicOS 7.0.1-5145
- SonicWall SonicOS 7.1.1-7051
- SonicWall SMA100 10.2.1.10-62sv
Remediation
Refer to SonicWall Security Advisory for patch, upgrade, or suggested workaround information.
