SonicDoor - Cracking open SonicWall's Secure Mobile Access
Alain Mowat
Security Fest 2025 · Day 2 · Main Stage
Alain Mowat, Head of Research and Development at Orange Cyber Defense in Switzerland, presented "SonicDoor - Cracking open SonicWall's Secure Mobile Access" at Security Fest. This talk meticulously details a series of critical vulnerabilities discovered in SonicWall's Secure Mobile Access (SMA) virtual appliance, ranging from unauthenticated information leaks and authentication bypasses to remote code execution. Mowat's research highlights persistent and fundamental security flaws in widely deployed enterprise VPN solutions, underscoring a broader industry issue where critical security infrastructure often suffers from poor code hygiene and misaligned vendor incentives.