Cyber Resilience

CVE-2023-34132

CriticalPublic PoC

Published: 13 July 2023

Published
13 July 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.7026 98.7th percentile
Risk Priority 62 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-34132 is a critical-severity Use of Password Hash Instead of Password for Authentication (CWE-836) vulnerability in Sonicwall Global Management System. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 1.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2023-34132 is a use of password hash instead of password for authentication vulnerability that permits Pass-the-Hash attacks. It affects SonicWall GMS versions 9.3.2-SP1 and earlier as well as Analytics versions 2.5.0.4-R7 and earlier. The flaw carries a CVSS 3.1 score of 9.8 and is tracked under CWE-836.

An unauthenticated attacker can exploit the issue remotely over the network to obtain full control over confidentiality, integrity, and availability of the affected management or analytics platform. Successful Pass-the-Hash abuse allows an adversary to authenticate using captured credential hashes without knowing the underlying passwords.

SonicWall has published vendor advisories SNWLID-2023-0010 and associated support notices that address the vulnerability and direct customers to remediation steps. Public exploit material referencing remote code execution against the affected versions has also appeared on PacketStorm.

The EPSS score stands at 0.7026 with an identical recorded peak, indicating sustained exploitation interest since disclosure.

EU & UK References

Vulnerability details

Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

sonicwall
analytics
≤ 2.5.0.4-r7
sonicwall
global management system
9.3.2 · ≤ 9.3.2

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References