b2b-daily
Home | IT | Cyber Security

Are Your SonicWall Devices Vulnerable to New Exploits?

Avatar photo
by Craig Anderson
May 2, 2025
Image Credit: Titima Ongkantong / Vecteezy
Are Your SonicWall Devices Vulnerable to New Exploits?
Article Highlights
Off On

The cybersecurity landscape is constantly evolving, presenting continuous challenges for both companies and individuals in securing their digital infrastructures. Recent developments have revealed that specific SonicWall Secure Mobile Access (SMA) appliances, namely the SMA 200, 210, 400, 410, and 500v models, are potentially at risk due to new exploit techniques. Despite SonicWall’s release of patches aimed at addressing these vulnerabilities, these devices have shown susceptibility to active exploitation. Two particular vulnerabilities have been under scrutiny. The first, identified as CVE-2023-44221, scored 7.2 on the CVSS scale and allows remote authenticated users with administrative privileges to inject arbitrary commands, potentially leading to an OS Command Injection. The second, CVE-2024-38475, poses a more significant threat with a CVSS score of 9.8, surfacing from improper escaping of output in the Apache HTTP Server, ultimately allowing harmful URL-file mapping.

Newly Disclosed Exploitation Techniques

Though SonicWall implemented critical security updates by December 2023 and 2024, experts still observe new exploitation tactics targeting CVE-2024-38475. Reports reveal techniques allowing unauthorized file access and session hijacking, initially hard to detect, yet increasingly evident. This prompted SonicWall to urge users to vigilantly check devices for unauthorized logins and bolster system defenses. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted the importance of staying alert, drawing attention to another vulnerability in the same series, underscoring ongoing risks. However, specifics regarding methods of exploitation remain undisclosed. Users and administrators of SonicWall SMA appliances must prioritize updates and adhere to supplementary security advice from SonicWall and CISA to effectively mitigate potential threats. In a rapidly evolving digital threat landscape, being proactive and well-informed is vital to defend against relentless cyber threats and exploitation attempts.

Explore more

Jenacie AI Debuts Automated Trading With 80% Returns
February 6, 2026

We’re joined by Nikolai Braiden, a distinguished FinTech expert and an early advocate for blockchain technology. With a deep understanding of how technology is reshaping digital finance, he provides invaluable insight into the innovations driving the industry forward. Today, our conversation will explore the profound shift from manual labor to full automation in financial trading. We’ll delve into the mechanics

Chronic Care Management Retains Your Best Talent
February 6, 2026

With decades of experience helping organizations navigate change through technology, HRTech expert Ling-yi Tsai offers a crucial perspective on one of today’s most pressing workplace challenges: the hidden costs of chronic illness. As companies grapple with retention and productivity, Tsai’s insights reveal how integrated health benefits are no longer a perk, but a strategic imperative. In our conversation, we explore

DianaHR Launches Autonomous AI for Employee Onboarding
February 6, 2026

With decades of experience helping organizations navigate change through technology, HRTech expert Ling-Yi Tsai is at the forefront of the AI revolution in human resources. Today, she joins us to discuss a groundbreaking development from DianaHR: a production-grade AI agent that automates the entire employee onboarding process. We’ll explore how this agent “thinks,” the synergy between AI and human specialists,

Is Your Agency Ready for AI and Global SEO?
February 6, 2026

Today we’re speaking with Aisha Amaira, a leading MarTech expert who specializes in the intricate dance between technology, marketing, and global strategy. With a deep background in CRM technology and customer data platforms, she has a unique vantage point on how innovation shapes customer insights. We’ll be exploring a significant recent acquisition in the SEO world, dissecting what it means

Trend Analysis: BNPL for Essential Spending
February 6, 2026

The persistent mismatch between rigid bill due dates and the often-variable cadence of personal income has long been a source of financial stress for households, creating a gap that innovative financial tools are now rushing to fill. Among the most prominent of these is Buy Now, Pay Later (BNPL), a payment model once synonymous with discretionary purchases like electronics and