May 10, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
LockBit Ransomware Admin Found and Sanctioned by US, UK, Australian Authorities
May 8, 2024
ROOTROT Webshell Used by Chinese Threat Actors in MITRE Network Intrusion
May 8, 2024
LockBit Ransomware Admin Found and Sanctioned by US, UK, Australian Authorities
May 8, 2024
ROOTROT Webshell Used by Chinese Threat Actors in MITRE Network Intrusion
May 8, 2024
Severity
High
Analysis Summary
CVE-2024-29010 CVSS:7.1
SonicWALL GMS Virtual Appliance could allow a remote authenticated attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations in the ECMPolicyRequest class. By sending a specially crafted XML content, a remote attacker could exploit this vulnerability to obtain sensitive information in the context of root.
CVE-2024-29011 CVSS:7.5
SonicWALL GMS Virtual Appliance could allow a remote attacker to bypass security restrictions, caused by the use of hardcoded credential in the ECMClientAuthenticator class. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication on the system.
Impact
- Information Disclosure
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-29010
- CVE-2024-29011
Affected Vendors
Sonicwall
Affected Products
- SonicWall GMS 9.3.4
Remediation
Refer to SonicWall Security Advisory for patch, upgrade or suggested workaround information.