IT SPARC Cast

SonicWall Backdoor Exploit – CVEs, One Time Password Theft, and Vendor Silence



📄 Episode Description:


In this episode of IT SPARC Cast – CVE of the Week, John and Lou dive into a troubling situation involving SonicWall’s SMA 100 series firewalls. Despite devices being fully patched, active exploits are targeting one-time password seeds with stealthy malware like “OVERSTEP.” The malware modifies boot scripts, hides logs, steals credentials, and persists through reboots—leaving enterprise networks exposed without an effective patch in sight.


We break down known associated CVEs (including CVE-2021-20038, CVE-2024-38475, CVE-2021-20035, CVE-2021-20039, and CVE-2025-32819) and highlight the problematic nature of SonicWall’s response: telling customers to “just upgrade” without offering real mitigation. Whether you’re a SonicWall customer or an IT security leader assessing vendor risk, this episode serves as a wake-up call for how to handle (or not handle) active cyber threats.


⸻


🔗 Social Links:


IT SPARC Cast

@ITSPARCCast on X

IT SPARC Cast on LinkedIn


John Barger

@john_Video on X

John Barger on LinkedIn


Lou Schmidt

@loudoggeek on X

Lou Schmidt on LinkedIn

Hosted on Acast. See acast.com/privacy for more information.


IT SPARC Cast, by John Barger