Cybersecurity researchers have identified a significant vulnerability in SonicWall Gen6 SSL-VPN appliances, designated as CVE-2024-12802, which allows attackers to bypass multi-factor authentication (MFA) using brute-force methods. The hackers exploited this vulnerability to gain access to internal networks within 30 to 60 minutes, conducting reconnaissance and testing credential reuse on internal systems. SonicWall has cautioned that merely installing the latest firmware is not enough; manual reconfiguration of the LDAP server is critical to fully mitigate the risk. This vulnerability was first observed in the wild by ReliaQuest, which noted that affected devices appeared to be patched but remained vulnerable due to incomplete remediation steps. In one incident, attackers managed to establish a remote connection and attempted to deploy malicious tools, although their efforts were blocked by existing endpoint protection. Given that Gen6 devices have reached their end-of-life and no longer receive security updates, users are advised to transition to newer models to ensure ongoing security.