SonicWall SSO-Agent NetAPI Vulnerability allows an attacker to force SSO Agent authentication, potentially leading to firewall access control bypass

In its default configuration, the SonicWall SSO agent uses Microsoft NetAPI to probe the associated IPs in the network. This client probing method allows a potential attacker to capture the password hash of the privileged user and potentially force the SSO Agent to authenticate, allowing the attacker to bypass firewall access controls.
The SonicWall SSO agent is affected ONLY if NetAPI is selected as the client probing method. This is a vulnerability in Microsoft NetAPI and the NetWkstaUserEnum request that it uses.

CVE: CVE-2020-5148
Last updated: March 4, 2021, 11:48 p.m.