Palo Alto Networks and SonicWall VPNs affected by vulnerabilities allowing remote code execution and privilege escalation.
November 27, 2024 By Eduard Kovacs
Researchers at offensive cyber solutions provider AmberWolf have disclosed the details of a new attack method that can be leveraged against widely used corporate VPN clients.
VPNs are often used by organizations for secure remote access, but the AmberWolf researchers showed that the attack surface they introduce should not be ignored.
They also published an open source tool named NachoVPN, which demonstrates the attack against Palo Alto Networks and SonicWall VPNs through recently patched vulnerabilities, as well as against Cisco AnyConnect and Ivanti Connect Secure through older flaws. The tool’s plugin-based architecture enables users to add support for other products as well.
