Severity
High
Analysis Summary
CVE-2024-29010 CVSS:7.1
SonicWall GMS Virtual Appliance could allow a remote authenticated attacker to obtain sensitive information because the ECMPolicyRequest class improperly handles XML external entity (XXE) declarations. By sending specially crafted XML content, a remote attacker could exploit this vulnerability to obtain sensitive information in the context of root.
CVE-2024-29011 CVSS:7.5
SonicWall GMS Virtual Appliance could allow a remote attacker to bypass security restrictions because the ECMClientAuthenticator class uses a hardcoded credential. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication on the system.
Impact
- Information Disclosure
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-29010
- CVE-2024-29011
Affected Vendors
Affected Products
- SonicWall GMS 9.3.4
Remediation
Refer to the SonicWall Security Advisory for patch, upgrade, or suggested workaround information.
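For teams auditing their own XML-handling services for the XXE weakness class described under CVE-2024-29010, the following added example (not SonicWall's code or its fix) shows a parser wrapper that refuses any DOCTYPE or entity declaration before content is processed. The function names, the `policy` element and the sample documents are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class ForbiddenXML(ValueError):
    """Untrusted document carries a DTD or entity declaration."""


def parse_untrusted_xml(data: bytes) -> ET.Element:
    """Build an element tree, refusing DOCTYPE and entity declarations."""
    def refuse_doctype(name, system_id, public_id, has_internal_subset):
        raise ForbiddenXML(f"DOCTYPE refused: {name}")

    def refuse_entity(name, is_param, value, base, system_id, public_id, notation):
        raise ForbiddenXML(f"entity declaration refused: {name}")

    def refuse_external(context, base, system_id, public_id):
        raise ForbiddenXML(f"external entity reference refused: {system_id}")

    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = refuse_doctype    # fires before any entity is read
    parser.EntityDeclHandler = refuse_entity           # defence in depth
    parser.ExternalEntityRefHandler = refuse_external  # defence in depth
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(data, True)  # malformed input still raises expat.ExpatError
    return builder.close()


def is_refused(data: bytes) -> bool:
    """True when the document is rejected for carrying a DTD or entity."""
    try:
        parse_untrusted_xml(data)
    except ForbiddenXML:
        return True
    return False


# Constructed sample inputs; element names and the path are placeholders.
BENIGN = b'<?xml version="1.0"?><policy><name>default</name></policy>'
EXTERNAL = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE policy [<!ENTITY ext SYSTEM "file:///placeholder/constructed">]>'
            b'<policy><name>&ext;</name></policy>')
INTERNAL = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE policy [<!ENTITY a "aaaa">]>'
            b'<policy><name>&a;</name></policy>')

if __name__ == "__main__":
    print(parse_untrusted_xml(BENIGN).find("name").text)
    print(is_refused(EXTERNAL), is_refused(INTERNAL))
```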