A major vulnerability has been discovered in SonicWall firewalls, and hackers are already taking advantage of it. We’ll cover how this attack works and what you can do to stay protected as we sit down and sync up with Rocket IT’s weekly technology update.

In this episode, you’ll hear more about:

• A new SonicWall firewall vulnerability being actively exploited.
• How hackers can bypass authentication and take over VPN sessions.
• Which SonicWall devices are affected.
• How security researchers exposed the flaw.
• What hackers can do if they gain access.
• The urgent fix and what to do if you can’t update immediately.

Video Transcript

Hackers have found a way to bypass authentication on certain SonicWall SSL VPN firewalls. This means they can hijack active VPN sessions without needing a username, password, or even multi-factor authentication.

When employees log into a SonicWall SSL VPN, they create an active session that keeps them connected to their company’s network. Normally, users have to authenticate who they are to start a session, but this vulnerability lets hackers hijack those sessions without logging in themselves. Instead of breaking through a locked door, they slip in through an open one and take control.

This flaw specifically affects SonicOS versions 7.1.x, 7.1.2, and 8.0.0, which run on many Gen 6, Gen 7, and SOHO series SonicWall devices.

Security researchers at Bishop Fox found the issue and released something called a Proof-of-Concept exploit code. This is basically a blueprint that shows exactly how the attack works. While these are meant to help security teams fix vulnerabilities, hackers can also use them to launch real-world attacks. And that’s exactly what’s happening.

If an attacker takes over a VPN session, they can remotely access business networks, steal private data, and disrupt business operations. In the past, hackers have used SonicWall vulnerabilities for ransomware attacks, and this new flaw makes it even easier for them.

The only real fix is to update your SonicOS firmware immediately. SonicWall has already released patches, and upgrading will close this security gap.

If for some reason you can’t update right away, you should at least limit VPN access to trusted devices and locations, disable SSL VPN access if you don’t need it, and restrict access from the internet entirely, if possible.

A vulnerability like this proves why businesses need a proactive IT strategy. If you’re not sure whether your SonicWall firewall is vulnerable or need help securing your systems, a trusted IT partner, like Rocket IT, can check if your firewall is affected, apply security patches, and monitor for suspicious activity. For those organizations looking to take action today, contact Rocket IT using the link in this video’s description. And to stay up to date on trending technology news, hit that subscribe button and the bell to catch us on next week’s episode of Sync Up with Rocket IT.