CVE-2024-53704
Citrix SSLVPN Authentication Bypass Vulnerability
Description
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
INFO
Published Date :
Jan. 9, 2025, 7:15 a.m.
Last Modified :
Jan. 9, 2025, 3:15 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
Public PoC/Exploit Available at Github
CVE-2024-53704 has a 1 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-53704.
| URL | Resource |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
demonstriert, wie mittels missbräuchlicher Nutzung eines Swap-Cookies eine VPN-Session übernommen werden kann. Wichtig: Dieses Projekt dient ausschliesslich zu Bildungs- und Forschungszwecken – bitte nur in Umgebungen verwenden, in denen Du explizit authorisiert bist.
Python
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-53704 vulnerability anywhere in the article.
-
BleepingComputer
SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the Sonic ... Read more
-
Help Net Security
Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)
Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use after free bug in CoreMedi ... Read more
-
security.nl
'Vijfduizend SonicWall-firewalls bevatten kritiek authenticatie-lek in vpn-functie'
Vijfduizend firewalls van fabrikant SonicWall bevatten een kritiek authenticatie-lek in de vpn-functie, zo stelt securitybedrijf Bishop Fox op basis van eigen onderzoek. SonicWall kwam op 7 januari me ... Read more
-
Help Net Security
5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The ... Read more
-
BleepingComputer
SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks
SonicWall is warning about a pre-authentication deserialization vulnerability in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), with reports that it has bee ... Read more
-
TheCyberThrone
TheCyberThrone Security Weekly Review – January 11, 2025
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, January 11, 2025.Redis was affected by CV ... Read more
-
TheCyberThrone
Chinese MirrorFace APT targets Japan
The MirrorFace Advanced Persistent Threat (APT) group, also known as Earth Kasha, has been linked to a series of cyber-attacks targeting Japan. These attacks have been ongoing since 2019 and have prim ... Read more
-
TheCyberThrone
CVE-2024-5594 impacts OpenVPN
CVE-2024-5594 is a critical vulnerability identified in OpenVPN versions prior to 2.6.11. This vulnerability stems from improper sanitization of PUSH_REPLY messages, which allows attackers to inject u ... Read more
-
TheCyberThrone
CVE-2024-49415 : Samsung Android devices Impacted
CVE-2024-49415 is a critical vulnerability found in Samsung devices running Android versions 12, 13, and 14. This vulnerability was discovered by researchers from Google Project Zero, a team dedicated ... Read more
-
TheCyberThrone
CVE-2024-53704 impacts SonicWall
CVE-2024-53704 is a high-severity vulnerability impacting SonicWall’s SSLVPN authentication mechanism. This flaw, with a CVSS score of 8.2, allows remote attackers to bypass authentication and gain un ... Read more
The following table lists the changes that have been made to the
CVE-2024-53704 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Jan. 09, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H -
New CVE Received by [email protected]
Jan. 09, 2025
Action Type Old Value New Value Added Description An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. Added CWE CWE-287 Added Reference https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-53704 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-53704
weaknesses.