CVE-2024-53704

CVE-2024-53704 is an Improper Authentication vulnerability (CWE-287) in the SSLVPN authentication mechanism of SonicWall products. Published on January 9, 2025, it has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with network accessibility, low attack complexity, no privileges or user interaction required, and high impacts on confidentiality, integrity, and availability. A remote attacker can exploit this flaw to bypass authentication entirely.

The attack scenario involves any unauthenticated remote attacker over the network who can send crafted requests to the SSLVPN interface. Successful exploitation grants unauthorized access, potentially allowing the attacker to perform privileged operations within the VPN environment, leading to data exfiltration, modification, or disruption of services as reflected in the high CVSS impact metrics.

SonicWall published advisory SNWLID-2025-0003 detailing the vulnerability at psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-53704 to its Known Exploited Vulnerabilities Catalog at cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53704, indicating active exploitation in the wild and urging federal agencies to apply mitigations promptly.

Security practitioners should prioritize patching affected SonicWall SSLVPN deployments, as real-world exploitation is confirmed via CISA's catalog.