On January 7, 2025, SonicWall notified customers and partners about multiple vulnerabilities in SonicWall firewalls that needed to be patched in order mitigate. Since that time, a number of security research teams have published exploitation proof of concepts (POC) for CVE -2024-53704 that may enable threat actors to more quickly and effectively exploit the vulnerability.
Because the vulnerability is now subject to more imminent and likely exploitation, it is imperative that steps are taken to remediate CVE-2024-53704.
1) Update to the patched firmware defined below
a. Gen 7 firewalls: SonicOS 7.1.3-7015 and higher
b. TZ80: SonicOS 8.0.0-8037 or higher
2) If patching is not possible then Disable SSL VPN, or limit SSL VPN Connections
Link to CVE 2024-53704 – https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003
