New SonicBoom Attack Allows Bypass of Authentication for Admin Access

The SonicBoom attack chain exemplifies the risks posed by overlooked authentication gaps and insecure file handling in enterprise appliances. This sophisticated multi-stage exploit leverages a combination of pre-authentication vulnerabilities, arbitrary file write, and server-side request forgery (SSRF) to achieve full system compromise. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. According to watchTowr reports, the SonicBoom chain exploits flaws in the authentication and file handling mechanisms of targeted appliances. The vulnerable code concatenates these parameters into URLs and file paths without proper sanitization, enabling SSRF and path traversal attacks. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. SonicWall SMA: Multiple CVEs, including CVE-2025-23006 and CVE-2024-38475, have been exploited in the wild, allowing pre-authentication remote code execution and admin takeover. A sophisticated new strain of malware dubbed "Chimera" has emerged in 2025, representing a significant evolution in cyber threats. The appliance downloads a ZIP file from the attacker’s server, then writes and extracts its contents into directories accessible by the web server. The attack is further facilitated by path traversal in the servicePack parameter, enabling writes to unintended directories. She is covering various cyber security incidents happening in the Cyber Space. This grants full administrative access, allowing the attacker to install programs, exfiltrate data, or further pivot within the network.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 05 May 2025 08:55:06 +0000


Cyber News related to New SonicBoom Attack Allows Bypass of Authentication for Admin Access

New SonicBoom Attack Allows Bypass of Authentication for Admin Access - The SonicBoom attack chain exemplifies the risks posed by overlooked authentication gaps and insecure file handling in enterprise appliances. This sophisticated multi-stage exploit leverages a combination of pre-authentication vulnerabilities, ...
5 hours ago Cybersecuritynews.com CVE-2025-23006 Chimera
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
2 years ago Trendmicro.com
What Is Kerberos Authentication?: Implementing Effective Security Protocols - Kerberos is a vital security protocol that any serious computer user must be familiar with. It is an open standard that provides a secure way of verifying the identity of user across multiple systems. The Kerberos authentication protocol is a ...
2 years ago Heimdalsecurity.com
Passwordless Login: Effortless Authentication - Let's explore how passwordless login paves the way for seamless and secure user authentication, fostering trust and loyalty. The Password Dilemma Though conventional complex password-based authentication has long been a cornerstone of robust ...
1 year ago Feeds.dzone.com
How to Use Context-Based Authentication to Improve Security - One of the biggest security weak points for organizations involves their authentication processes. Context-based authentication offers an important tool in the battle against credential stuffing, man-in-the-middle attacks, MFA prompt bombing, and ...
1 year ago Securityboulevard.com
Top 10 Best Passwordless Authentication Tools in 2025 - Auth0 provides a flexible authentication and authorization platform that supports passwordless login methods, enhancing security and user experience by eliminating the need for traditional passwords. Okta provides a robust identity and access ...
1 month ago Cybersecuritynews.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Biometric Authentication in Business: Enhancing Security - With its high level of security, convenience, user-friendliness, and accuracy, biometric authentication is paving the way for the future of secure authentication in the business world. One of the primary advantages of implementing biometric ...
1 year ago Securityzap.com
East Texas hospital network can't receive ambulances because of potential cybersecurity incident - GetTime();if(!(u<=a&&d<=l throw new RangeError("Invalid interval");return r.inclusive?u<=l&&d<=a:ut||isNaN(t. Step):1;if(s<1||isNaN(s throw new RangeError("`options. Step):1;if(l<1||isNaN(l throw new RangeError("`options. GetTime()<=n throw new ...
1 year ago Cnn.com
Selecting an Authentication Protocol for Your Business - Authentication protocols serve as the backbone of online security, enabling users to confirm their identities securely and access protected information and services. The protocols exchange information to verify the validity of the authentication ...
1 year ago Darkreading.com
New York's cyber chief on keeping cities and states safe from cyberattacks | The Record from Recorded Future News - And so we think that that'll continue to evolve the security posture of New York State in a way that first and foremost provides the public good, which is, if a government service is not secure, it can't be considered reliable. We're ...
1 month ago Therecord.media
Biometric Authentication: Advancements and Challenges - Advancements in technology are driving the world of biometric authentication into a realm where one's very being serves as the key to accessing secure systems. The Evolution of Biometric Technology has significantly transformed the landscape of ...
1 year ago Securityzap.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
1 year ago Feeds.dzone.com
CVE-2011-4543 - Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) set or (2) module parameter to (a) ...
7 years ago
Cisco Duo and ISE: Better together in the cybersecurity battlefield - Luckily for you, Cisco Duo and ISE are the perfect pair to protect your network. Think of Cisco Duo's multi-factor authentication as the added layer of security that verifies a user's identity at the time of login, like a high-tech forcefield that ...
1 year ago Feedpress.me
TISAX: new Catalogue ISA v6 available - ISA 6: The latest version of the ISA catalogue, published in October 2023, with many changes and improvements to address the challenges and needs of the industry. Key changes in ISA 6: New and revised controls to strengthen protection, detection, ...
1 year ago Sorinmustaca.com
Neurosurgeons of New Jersey Confirms Cyber Attack Resulting in Recent Data Breach - On December 4, 2023, Neurosurgical Associates of New Jersey filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering. In this notice, Neurosurgeons of New Jersey explains that an ...
1 year ago Jdsupra.com
7 Best Attack Surface Management Software for 2024 - Attack surface management is a relatively new cybersecurity technology that combines elements of vulnerability management and asset discovery with the automation capabilities of breach and attack simulation and applies them to an organization's ...
1 year ago Esecurityplanet.com
CVE-2021-41129 - Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not ...
1 year ago
New Relic CEO sets observability strategy for the AI age - The executive that replaced Gary Steele as CEO at Proofpoint when Steele left for Splunk has now followed Steele's path from cybersecurity to the helm of an observability company. Ashan Willy was appointed CEO at New Relic in December, a month after ...
10 months ago Techtarget.com
Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account - This code snippet shows how attackers can intercept an authentication response and modify critical status flags to falsely indicate MFA verification has been successfully completed. These advanced techniques, which exploit vulnerabilities in ...
1 month ago Cybersecuritynews.com
Detectify platform enhancements address growing attack surface complexity - Detectify announced a new Domains page and major improvements to existing capabilities for setting custom attack surface policies. These updates bring control over attack surface data and enable organizations to seamlessly configure alerts for policy ...
11 months ago Helpnetsecurity.com
Cybersixgill Announces Identity Intelligence Module for Threat Analysis - PRESS RELEASE. Tel Aviv, Israel - December 6, 2023 - Cybersixgill, the global cyber threat intelligence data provider, announced today new features and capabilities that take security teams' threat detection and mitigation efforts to new levels, ...
1 year ago Darkreading.com Hunters
Cybersixgill introduces new features and capabilities to strengthen threat analysis - Cybersixgill announced new features and capabilities that take security teams' threat detection and mitigation efforts to new levels, helping them identify and mitigate vulnerabilities and detect and stop threats more quickly and effectively. ...
1 year ago Helpnetsecurity.com Hunters
SonicWall SonicOS SSLVPN Vulnerability Actively Exploited in the Wild - The vulnerability’s exploitation underscores persistent risks in widely deployed network security appliances and highlights the tactical evolution of threat actors targeting authentication bypass mechanisms. The U.S. Cybersecurity and ...
2 months ago Cybersecuritynews.com CVE-2024-53704 CVE-2024-40766 Akira

Cyber Trends (last 7 days)