
Dutch hackers find weaknesses in SonicWall VPN server

Ethical hackers from Computest Security, a Dutch company, recently discovered a vulnerability in a SonicWall VPN server that could allow them to access sensitive data on internal company networks. They advise companies using these servers to immediately install the patch that has been released in response to these vulnerabilities. The incident highlights the importance of paying attention to the security of devices at the network edge, such as VPN servers, routers, and firewalls.

Computest Security’s team of ethical hackers, led by Daan Keuper, demonstrated the vulnerability of edge devices last year by uncovering flaws in a QNAP router during the Pwn2Own hacking competition and in a network drive from TrueNAS. This prompted the team to investigate other edge devices, which led to the discovery of the vulnerabilities in the SonicWall VPN server.

The hackers identified vulnerabilities in the login protocol of the VPN server that allowed them to predict session numbers and impersonate users, giving them undetected access to the corporate network. Although the vulnerabilities have been reported to SonicWall, there is a concern that ransomware groups could exploit this information to launch attacks on other devices. Installing security updates promptly is crucial to prevent potential attacks.

In light of the increasing security threats targeting edge devices, Computest Security emphasizes the need for improved security measures not only from companies but also from manufacturers, distributors, and importers of these devices. The Cyber Resilience Act, which came into effect in the Netherlands at the end of 2024, poses a compliance risk for all parties involved in the supply chain of digital products such as VPN servers and routers. These parties are required to meet rigorous security standards and ensure the security of devices throughout their lifecycle.

While companies have until 2027 to prepare for compliance with the law, they should prioritize enhancing the security of edge devices to mitigate the risk of cyberattacks. Failure to comply with the Cyber Resilience Act could result in oversight and significant fines for those involved in the production and distribution of these critical network components.

As the landscape of cybersecurity evolves, it is crucial for all stakeholders to collaborate and prioritize the security of edge devices to prevent potential breaches and safeguard sensitive data. By staying proactive and implementing robust security measures, companies and manufacturers can mitigate the risks associated with cyber threats targeting critical network components.
