CyberWire Daily

A firewall wake up call. [Research Saturday]

Nov 9, 2024
Jon Williams, a Senior Security Engineer at Bishop Fox, reveals alarming vulnerabilities in SonicWall firewalls that affect over 178,000 devices. He delves into his research on unauthenticated denial-of-service bugs, emphasizing the critical flaws in implementation. Williams explains how 76% of scanned firewalls with open management interfaces are vulnerable and provides insights on navigating vulnerability assessments without disrupting services. This discussion underscores the urgent need for enhanced security measures to protect against potential exploits.
ANECDOTE

Research Motivation

  • Jon Williams, intrigued by SonicWall's history of vulnerabilities, researched their Next Generation Firewall Platform.
  • He focused on unauthenticated remote code execution bugs without known exploits, leading him to a 2022 vulnerability.
INSIGHT

Vulnerability Root Cause

  • SonicWall developers misused the snprintf check function, assuming its return value was the length of the string actually copied rather than the length the full string would have had without truncation.
  • This led to buffer overflows, despite the function being designed for buffer overflow safety.
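The return-value pitfall described above, as an added example (not SonicWall's or Bishop Fox's code). It uses plain `snprintf`; the function names, the 16-byte buffer and the 40-character input are constructed for illustration, and the follow-up write is not performed, only the offset and size it would be given.

```c
#include <stdio.h>
#include <stddef.h>

#define CAP 16  /* constructed buffer size for the demo */

/* Flawed bookkeeping: the return value is taken as "bytes copied" and used
 * as the offset for the next write. Reports the offset and remaining size a
 * second write would receive; that second write is not performed here. */
void flawed_bookkeeping(const char *input, size_t *offset, size_t *remaining)
{
    char buf[CAP];
    int n = snprintf(buf, sizeof buf, "%s", input); /* this call is bounded */
    *offset = (size_t)n;                /* untruncated length, may exceed CAP */
    *remaining = sizeof buf - *offset;  /* unsigned wrap-around when it does */
}

/* Corrected bookkeeping: a return value >= the buffer size means the output
 * was truncated, so the input is rejected before any offset is derived. */
int checked_bookkeeping(const char *input, size_t *offset, size_t *remaining)
{
    char buf[CAP];
    int n = snprintf(buf, sizeof buf, "%s", input);
    if (n < 0 || (size_t)n >= sizeof buf)
        return -1;                      /* error or truncation: do not continue */
    *offset = (size_t)n;
    *remaining = sizeof buf - *offset;
    return 0;
}

int main(void)
{
    /* Constructed input: 40 characters, longer than the 16-byte buffer. */
    const char *long_input = "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAAAAAA";
    size_t off = 0, rem = 0;

    flawed_bookkeeping(long_input, &off, &rem);
    printf("flawed:  offset=%zu remaining=%zu\n", off, rem);

    if (checked_bookkeeping(long_input, &off, &rem) != 0)
        puts("checked: input rejected (output would be truncated)");
    return 0;
}
```

The first `snprintf` call never writes past the buffer in either version; the overflow risk comes from later code trusting an offset of 40 into a 16-byte buffer.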
INSIGHT

Linked Vulnerabilities

  • Williams found the same bug existed in two other paths, initially thinking it was a zero-day.
  • Further research revealed SSD Labs reported it in 2023; Williams linked the two vulnerabilities and published exploits for both.