The Cybersecurity and Infrastructure Security Agency (CISA) has included SonicWall SonicOS SSLVPN and Palo Alto Networks PAN-OS authentication bypass flaws in its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to remediate both vulnerabilities by Mar. 11, according to SC Media.
The critical SonicOS SSLVPN issue, tracked as CVE-2024-53704, is the most severe of the newly added bugs and could be leveraged for session hijacking and unauthorized network access.
Qualys discovered that over 11,000 online SonicOS instances, almost 6,500 of which are in the U.S., were potentially compromised in attacks exploiting the flaw, which commenced immediately after Bishop Fox's release of proof-of-concept code.
Palo Alto Networks reported that intrusions involving the high-severity PAN-OS bug, tracked as CVE-2025-0108, also involved the exploitation of the older privilege escalation vulnerability CVE-2024-9474 and the high-severity authenticated file read issue CVE-2025-0111. GreyNoise observed more than two dozen IP addresses exploiting CVE-2025-0108, two of which commenced abuse just a day after the flaw was detailed last week.