Tripwire experts told About the CVE-2020-5135 vulnerability found in SonicOS, which is managed by SonicWall Network Security Appliance (NSA) devices. Typically, such equipment is used as firewalls and SSL VPN portals to filter and control access to private networks.
According to Tripwire, the vulnerability is related to the operation of a component that is responsible for handling custom protocols. Since this component is accessible via the WAN, this means that any attacker can exploit the bug if he knows the IP address of the device.
It is emphasized that the exploitation of the bug does not require high qualifications from the attacker, and it can hardly be called difficult. At the same time, CVE-2020-5135 received a critical status and scored 9.4 points out of 10 possible on the CVSS vulnerability assessment scale. The researchers expect that once the PoC exploit emerges, the problem will be actively exploited by attackers who do not even need credentials for attacks. Exploiting the problem can lead to both denial of service (DoS) and arbitrary code execution.
Researchers write that with the help of Shodan, they managed to find 795,357 publicly available SonicWall VPNs, which are most likely still vulnerable to a new bug.
Earlier this week, the SonicWall developers already submitted a patch for CVE-2020-5135 and now urge everyone to install the fix as soon as possible.