Tens of thousands of firewalls from manufacturer SonicWall that can be accessed from the internet contain critical vulnerabilities or are end-of-life. This is what security company Bishop Fox states based on its own research. The company surveyed the number of SonicWall firewalls and counted 430,000 devices. Of these, more than 20,000 were no longer supported.
Based on the firmware used, the researchers also looked at the presence of vulnerabilities. Of the 430,000 firewalls, the researchers found that at least 119,000 contained vulnerabilities, of which more than 25,000 contained one or more critical security holes. The researchers were unable to determine the status of more than 87,000 firewalls.
At the beginning of this year, Bishop Fox also conducted research into vulnerable SonicWall firewalls. Then 178,000 were discovered that appeared to contain the known vulnerabilities CVE-2022-22274 and/or CVE-2023-0656. That number is now said to be around 37,000. However, new vulnerabilities have also emerged in recent months. Both SonicWall and security companies warned about a vulnerability referred to as CVE-2024-40766, which is also believed to have been used in ransomware attacks.
According to the researchers, the situation has improved slightly compared to the previous measurement at the beginning of this year, but there are still major challenges. “The simple fact that more than 430,000 firewalls are publicly accessible is enough cause for concern, but when you add that more than half are running on outdated hardware, and more than a quarter have serious vulnerabilities, the whole picture looks quite worrying.” , the researchers said.
In short:
| Key Details | Statistics |
|---|---|
| Total SonicWall firewalls surveyed | 430,000 |
| Unsupported firewalls | > 20,000 |
| Firewalls containing vulnerabilities | 119,000 |
| Firewalls with critical vulnerabilities | > 25,000 |
| Recent vulnerabilities identified | CVE-2024-40766, among others |
