WatchGuard Firebox Single Sign-On Client Denial-of-Service

Advisory ID

WGSA-2024-00016

CVE

CVE-2024-6594

Impact

High

Status

Acknowledged

Product Family

Other Software

Published Date

2024-09-25

Updated Date

2024-09-24

Workaround Available

True

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An improper handling of exceptional conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker that has gained network access could create a denial-of-service (DoS) condition for the Single Sign-On client, preventing the computer from completing the SSO process by repeatedly issuing malformed commands.

Affected

This issue affects the Windows Single Sign-On Client: through 12.7.

Workaround

An attacker must have already established network access to exploit this vulnerability. WatchGuard recommends using Windows Firewall rules to restrict TCP port 4116 network access to the Single Sign-On Client to only allow connections from the Authentication Gateway (SSO Agent).

Windows administrators can use Group Policy objects to add Windows firewall rules to their endpoints.

Credits

Found by RedTeam Pentesting GmbH

References

https://www.redteam-pentesting.de/advisories/rt-sa-2024-008

Advisory Product List

Product Family

Product Branch

Product List

Other Software

SSO Client

Advisory List

Go to