
The Cybersecurity and Infrastructure Security Agency (CISA) has recently identified and added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities, affecting Palo Alto Networks’ PAN-OS and SonicWall’s SonicOS, have been actively exploited and pose significant risks to organizations.
Vulnerabilities Identified:
- CVE-2025-0108: Palo Alto PAN-OS Authentication Bypass Vulnerability
- CVE-2024-53704: SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
CVE-2025-0108: Palo Alto PAN-OS Authentication Bypass Vulnerability
This vulnerability exists within the authentication mechanism of Palo Alto Networks’ PAN-OS. It allows an unauthenticated attacker with network access to the management web interface to bypass authentication controls. Exploiting this vulnerability can grant unauthorized access to the system, allowing attackers to perform administrative functions without proper credentials.
CVE-2024-53704: SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
This vulnerability affects SonicWall’s SonicOS SSLVPN. It arises due to improper authentication handling, allowing an attacker to bypass authentication and gain unauthorized access to the VPN. This can be exploited by an attacker with network access to the SSLVPN interface.
CISA’s Role and Recommendations:
CISA’s inclusion of these vulnerabilities in the KEV Catalog highlights their potential for widespread exploitation and the necessity for timely remediation. CISA has set 11 March 2025 as the due date for federal agencies to remediate. Under Binding Operational Directive (BOD) 22-01, federal agencies are required to address these vulnerabilities promptly to bolster their cybersecurity posture.
Recommendations for Organizations:
- Prioritize Patching: Ensure timely application of security patches and firmware updates for both Palo Alto PAN-OS and SonicWall SonicOS.
- Network Segmentation: Isolate critical systems and management interfaces from untrusted networks to limit exposure.
- Access Controls: Implement strict access controls, including MFA, to enhance security for administrative and VPN access.
- Continuous Monitoring: Regularly monitor security advisories from CISA and the respective vendors to stay informed about emerging threats and vulnerabilities.
- Incident Response Planning: Develop and regularly update incident response plans to address potential exploitation of known vulnerabilities.
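
One way to put the patching and monitoring recommendations into practice is to match KEV entries against an asset inventory and rank the hits by remediation due date. The following is an added example, not part of the original article. The field names follow CISA's KEV JSON feed; the inventory, hostnames and the third catalog entry are constructed placeholders, and only the two CVE IDs, their products and the due date come from the article.

```python
import json
from datetime import date

# Constructed excerpt in the shape of CISA's KEV JSON feed. Only the CVE IDs,
# vendor/product names and due date of the first two entries come from the article.
KEV_SAMPLE = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-2025-0108", "vendorProject": "Palo Alto Networks",
         "product": "PAN-OS", "dueDate": "2025-03-11"},
        {"cveID": "CVE-2024-53704", "vendorProject": "SonicWall",
         "product": "SonicOS", "dueDate": "2025-03-11"},
        {"cveID": "CVE-0000-0000", "vendorProject": "ExampleVendor",  # placeholder
         "product": "ExampleProduct", "dueDate": "2025-03-11"},
    ]
})

# Hypothetical asset inventory: hostname -> (vendor, product), lower-cased.
INVENTORY = {
    "fw-edge-01": ("palo alto networks", "pan-os"),
    "vpn-gw-01": ("sonicwall", "sonicos"),
    "core-sw-01": ("othervendor", "otheros"),
}

def kev_findings(kev_json, inventory, today):
    """Return (host, cve, due_date, days_left) for inventory items listed in KEV."""
    findings = []
    for entry in json.loads(kev_json).get("vulnerabilities", []):
        try:
            cve = entry["cveID"]
            key = (entry["vendorProject"].strip().lower(),
                   entry["product"].strip().lower())
            due = date.fromisoformat(entry["dueDate"])
        except (KeyError, ValueError, AttributeError):
            continue  # skip malformed records instead of aborting the run
        for host, asset in inventory.items():
            if asset == key:
                findings.append((host, cve, due, (due - today).days))
    # Most urgent first; a negative days_left means the due date has passed.
    return sorted(findings, key=lambda f: (f[3], f[0]))

if __name__ == "__main__":
    for host, cve, due, left in kev_findings(KEV_SAMPLE, INVENTORY, date(2025, 3, 4)):
        status = "OVERDUE" if left < 0 else f"{left} days left"
        print(f"{host}: {cve} due {due.isoformat()} ({status})")
```

A match only means the product appears in the KEV Catalog; whether the installed version is affected still has to be confirmed against the vendor advisory.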


