Security Bulletin

Urgent Security Alert: Action Required for New SonicWall SSL-VPN Threat Activity

zack.finstad@logically.com (Zack Finstad) — Fri, 12 Sep 2025 21:42:37 GMT

Introduction: What's Happening?

A significant security risk has been identified and is being actively exploited in certain SonicWall SSL VPN products. The issue was recently highlighted by cybersecurity news outlet The Hacker News, and SonicWall previously released an official security advisory confirming the threat.

Fortinet TACACS+ Vulnerability Alert – CVE-2025-22252: What You Need to Know

Michael Webber — Thu, 15 May 2025 21:53:11 GMT

At Logically, maintaining the security of your network is our mission.

Critical SonicWALL CVE Identified in Workplace Service – Immediate Action Recommended

zack.finstad@logically.com (Zack Finstad) — Thu, 15 May 2025 18:54:06 GMT

At Logically, securing your technology environment is our top priority.

SonicWall Vulnerability Alert: CVE-2025-32818 | SNWLID-2025-0009

Kyle Sandy — Mon, 28 Apr 2025 12:29:06 GMT

SonicWall CVE-2025-32818: Logically’s Response and Action Plan

SonicWall Mobile Connect: Transitioning to NetExtender for Windows Users

zack.finstad@logically.com (Zack Finstad) — Tue, 21 Jan 2025 17:40:06 GMT

SonicWall Mobile Connect: Transitioning to NetExtender for Windows Users

Protect Yourself from Social Engineering Scams on Microsoft Teams

Jake Tarrant — Mon, 20 Jan 2025 21:56:52 GMT

At Logically, your security is our priority.

We want to alert you to a social engineering scam that is targeting our clients and many others. Scammers are exploiting the Microsoft Teams platform to impersonate trusted IT professionals, and it’s critical to stay vigilant. Here’s what you need to know:

Firmware Upgrade Required for Certain Fortinet Devices

Kyle Sandy — Wed, 15 Jan 2025 00:17:58 GMT

At Logically, we are committed to promoting cybersecurity awareness and safety within the broader community. We wish to inform you about a recently identified security vulnerability affecting specific Fortinet devices. This issue pertains to FortiOS (FortiGate) versions 7.0.0 to 7.0.16 and FortiProxy versions 7.0.0 to 7.0.19 & 7.2.0 to 7.2.12, cataloged under CVE-2024-55591.

SonicWall Known Exploited Vulnerabilities Update

Kyle Sandy — Fri, 06 Dec 2024 02:36:18 GMT

Keeping your network secure requires staying ahead of emerging threats. Recently, multiple vulnerabilities impacting the SonicWall SMA100 series have been identified, prompting swift action to ensure your devices are protected. Here's what you need to know and how Logically and SonicWall can support you in mitigating these risks.

Fortinet VPN Zero Day

Michael Webber — Wed, 20 Nov 2024 21:10:26 GMT

Chinese threat actors, "BrazenBamboo," use a custom post-exploitation toolkit named DeepData to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client. This vulnerability allows attackers to dump credentials from memory after a user authenticates with the VPN. DeepData is a modular tool that employs multiple plugins for data theft, and its latest version includes a plugin specifically for extracting credentials and VPN server information from FortiClient by decrypting stored JSON objects in memory.

SonicOS Vulnerability – SNWLID-2024-0012

Kyle Sandy — Fri, 19 Jul 2024 15:46:22 GMT

In a recent security update, SonicWall has added a new vulnerability, identified as SNWLID-2024-0012, to its Known Exploited Vulnerabilities Catalog. This vulnerability, tracked as CVE-2024-40764, affects the Gen 6 NSv and Gen 7 Firewalls series products. Here's what you need to know to ensure your network's security.