Cybersecurity experts reported the detection of a severe vulnerability affecting Directory Services Connector, software solution developed by SonicWall. According to the report, successful exploitation of this flaw would allow malicious hackers to bypass the software’s authentication process.
Below is a detailed report of the reported flaw, in addition to its severity score according to the Common Vulnerability Scoring System (CVSS). It is worth mentioning that this flaw has not yet been assigned a CVE tracking key.
This security error exists due to an error while processing authentication requests in SonicWall SSO-agent default configurations, when Microsoft NetAPI is selected as a client probing method. According to the report, remote threat actors could send a specially designed NetWkstaUserEnum request, bypass authentication process and gain unauthorized access to the application.
This is a high severity score and it got a 7.1/10 CVSS score.
The vulnerability resides in these Directory Services Connector versions: 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.10, 4.1.11, 4.1.12, 4.1.13, 4.1.14, 4.1.15, 4.1.16 & 4.1.17.
While this flaw can be exploited by unauthenticated remote threat actors over the local network, information security experts have not detected active exploit attempts or malware variants associated with the attack.
Security patches are now available, so SonicWall invites users of affected deployments to update as soon as possible. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.