The bug, tracked as CVE-2024-53704, was patched in a firmware update available from Jan. 7, which also covered another risk, a less important risk.
Unauthorized remote control access
SonicWall network security services use SonicOS SSLVPN to enable secure remote access to internal network resources over the Internet.
With a CVSS score of 8.2/10, the vulnerability affects a number of Gen6 and Gen7 firefighters. Fixed versions include SonicOS 6.5.5.1-6n or newer for hardware firewalls, SonicOS 6.5.4.v-21s-RC2457 or newer for NSv firewalls, and SonicOS 7.0.1-5165 or newer for firewalls -Gen 7.
Source link