CVE-2024-53704
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
CVSS
—
No CVSS
EPSS
95.1%
p100
KEV
YES
Feb 18, 2025
Exploit Today
80
0-100
Published: — · Last modified: —
95.1%EPSS · 30 days95.1%
2026-06-302026-07-16
Product
SonicWall / SonicOS
Vulnerability
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
Added to KEV
Feb 18, 2025
Remediate by
Mar 11, 2025
Known ransomware use
Yes
Summary description
SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 ; https://nvd.nist.gov/vuln/detail/CVE-2024-53704