InfoSecBulletin Cybersecurity for mankind
SonicWALL SSL-VPN provides secure remote access to an organization’s internal network and resources through an encrypted SSL connection. This kind of VPN is great for giving employees and partners secure access to internal applications and data from remote locations.
A hacker is selling a $1000 exploit that targets SonicWALL SSL-VPN systems. This exploit supposedly lets attackers get around two-factor authentication (2FA) and access records from the RADIUS base, which can lead to unauthorized access to sensitive information.
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
OTP glitch disrupted NID services across the country
Google to pay Texas $1.4 billion for location tracking practices
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
Exposed Information Includes:
User cookies
Login credentials
Passwords
Domain information
Active Directory Rules details
Previous SonicWALL Exploits
BSCI said, according to Shodan search, there found 199 IP using SonicWall SSL-VPN on various organization in Bangladesh but may have more, they may be the target point of the bad actors if cant take stern action to secure.
According to Bangladesh cyber security intelligence (BSCI), The exploit is capable to bypasses 2FA, compromising a key security measure, Accesses RADIUS base records to retrieve sensitive data.
In 2021, hackers breached SonicWall’s SMA 100 series VPN appliances through zero-day vulnerabilities and a critical vulnerability was found in SonicWall’s SMA and SRA products, enabling attackers to gain control over affected systems by executing arbitrary code in 2029.
It’s important to quickly deal with security issues and keep all network security products updated with the latest patches.
Over a million users have been affected by the info stealer. Their data has been sold on the dark web, including sensitive information from corporations, financial institutions, and government organizations.
Hackers can use stolen credentials and an exploit called SonicWALL SSL-VPN to access classified information and cause data breaches. They can also launch ransomware attacks on organizations.
BCSI recommends staying alert and constantly checking their security systems for any strange activity, around the clock.
