Cybersecurity Chaos: New Vulnerabilities Rock Palo Alto and SonicWall Systems

CISA adds two security flaws in Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities catalog. These vulnerabilities, including CVE-2025-0108 and CVE-2024-53704, allow attackers to bypass authentication. With active exploitation on the rise, agencies must address these issues promptly to secure their networks.

3P
Published: February 19, 2025 5:35 amAdded: February 18, 2025 at 9:40 pmAssembled by: The Editor

Hot Take:

Looks like cybercriminals are getting a head start on their New Year’s resolutions — to exploit as many vulnerabilities as possible before the clock strikes 2025! Our favorite digital fortresses, Palo Alto Networks and SonicWall, are having a bit of a rough patch as they’ve been caught with their firewalls down. Spoiler alert: The hackers didn’t even RSVP before crashing the party.

Key Points:

  • Palo Alto Networks and SonicWall are the latest victims in the cybersecurity hall of shame, with two major vulnerabilities being actively exploited.
  • CVE-2025-0108 allows unauthenticated attackers to bypass authentication on the PAN-OS management web interface.
  • CVE-2024-53704 lets remote attackers bypass authentication in the SonicOS SSLVPN.
  • GreyNoise identified 25 malicious IPs actively exploiting CVE-2025-0108, primarily from the US, Germany, and the Netherlands.
  • Federal agencies have until March 11, 2025, to patch things up and avoid being the next cyber horror story.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?