๐Ÿ” CVE Alert

CVE-2024-53704

HIGH 8.2 โš ๏ธ CISA KEV
CVSS Score
8.2
EPSS Score
0.0%
EPSS Percentile
0th

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.

CWE CWE-287
Vendor sonicwall
Product sonicos
Published Jan 9, 2025
Last Updated Feb 26, 2026
โš ๏ธ Actively Exploited โ€” Act Now

Get instant alerts for sonicwall sonicos

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-53704.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

SonicWall / SonicOS
7.1.1-7058 and older versions 7.1.2-7019 8.0.0-8035

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
psirt.global.sonicwall.com: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53704

Credits

๐Ÿ” Daan Keuper, Thijs Alkemade and Khaled Nassar of Computest Security through Trend Micro (Zero Day Initiative)