Cyber Resilience

CVE-2023-34129

High

Published: 13 July 2023

Published
13 July 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.3136 96.9th percentile
Risk Priority 36 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-34129 is a high-severity Path Traversal (CWE-22) vulnerability in Sonicwall Global Management System. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 3.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2023-34129 is a path traversal vulnerability (CWE-22) present in SonicWall Global Management System (GMS) 9.3.2-SP1 and earlier as well as Analytics 2.5.0.4-R7 and earlier. The flaw stems from improper pathname limitation that permits use of the Zip Slip technique, enabling an authenticated remote attacker to write arbitrary files to any location on the underlying filesystem with root privileges. The issue carries a CVSS 3.1 base score of 8.8 reflecting network attack vector, low complexity, and low-privileged authentication requirements that result in complete loss of confidentiality, integrity, and availability.

An authenticated remote attacker can supply a crafted archive to the affected management or analytics application and cause extraction of its contents outside the intended directory. Successful exploitation grants the ability to overwrite or place files anywhere on the system, including sensitive configuration files, binaries, or scripts that run with root privileges, thereby allowing full compromise of the host.

SonicWall has published advisory SNWLID-2023-0010 and an accompanying support notice detailing the affected versions and remediation steps. The current EPSS score of 0.3136 (peak 0.3331) indicates moderate but not widespread exploitation interest since disclosure.

EU & UK References

Vulnerability details

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote attacker to traverse the directory and extract arbitrary files using Zip Slip method to any location on the underlying…

more

filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

sonicwall
analytics
≤ 2.5.0.4-r7
sonicwall
global management system
9.3.2 · ≤ 9.3.2

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References