Jon Williams
@br4inde4d.bsky.social
Vulnerability Researcher at Bishop Fox
Our blog post on the Arista XSS to RCE chain is now live! We withheld exploit details because the root cause has not been fully mitigated. Patch now if you haven't already, disable your captive portal to reduce the likelihood of exploitation, and stay tuned for new vulns to be disclosed soon!
Arista Firewall XSS to RCE Chain
Arista NG Firewalls: researchers confirm real-world RCE risk and incomplete patches. Learn impact, affected setups, and mitigation steps.
bishopfox.com
December 5, 2025 at 9:17 AM
Our blog post on the Arista XSS to RCE chain is now live! We withheld exploit details because the root cause has not been fully mitigated. Patch now if you haven't already, disable your captive portal to reduce the likelihood of exploitation, and stay tuned for new vulns to be disclosed soon!
My team confirmed that recently disclosed Arista NGFW vulnerabilities are fully exploitable! RCE is possible with victim interaction. More details coming soon to our blog: bishopfox.com/blog
December 4, 2025 at 11:48 AM
My team confirmed that recently disclosed Arista NGFW vulnerabilities are fully exploitable! RCE is possible with victim interaction. More details coming soon to our blog: bishopfox.com/blog
Just published a new blog about using LLMs to accelerate patch diffing! We developed a semi-automated analysis workflow and benchmarked four high-impact vulns using a few different Claude models. Check out how they performed!
Vulnerability Discovery with LLM-Powered Patch Diffing
Read our most recent research to see how LLMs can assist in scaling patch diffing workflows, saving valuable time in a crucial race against attackers.
bishopfox.com
August 16, 2025 at 4:54 PM
Just published a new blog about using LLMs to accelerate patch diffing! We developed a semi-automated analysis workflow and benchmarked four high-impact vulns using a few different Claude models. Check out how they performed!
I made SonicWall’s hall of fame for this one. Patch your firewalls (again), folks!
bishopfox.com/blog/sonicwa...
bishopfox.com/blog/sonicwa...
SonicWall Sonicos Versions 7.1.x and 8.0.x
Blog describes how Bishop Fox staff identified a vulnerability in SonicWall SonicOS 7.1.x and 8.0.x in the SSL VPN service and solutions for customers.
bishopfox.com
April 25, 2025 at 1:53 AM
I made SonicWall’s hall of fame for this one. Patch your firewalls (again), folks!
bishopfox.com/blog/sonicwa...
bishopfox.com/blog/sonicwa...
The DistrictCon talk @noperator.bsky.social and I gave on decrypting SonicWall NSv firmware is up on YouTube now: www.youtube.com/watch?v=FIYK...
DistrictCon 2025 Day 1 Talk 3 - Reverse Engineering Sonicwall Firmware Jon Williams, Caleb Gross
YouTube video by DistrictCon - Live stream Here for day 2
www.youtube.com
March 19, 2025 at 2:55 PM
The DistrictCon talk @noperator.bsky.social and I gave on decrypting SonicWall NSv firmware is up on YouTube now: www.youtube.com/watch?v=FIYK...
Reposted by Jon Williams
Don’t miss @br4inde4d.bsky.social and @noperator.bsky.social presenting: “Tearing Down (Sonic)Walls: Reverse-Engineering SonicOSX Firmware Encryption” at @districtcon.bsky.social Feb 21 at 1:30p.m. And stop by our Coffee Cart for ☕️ & convo! More: bishopfox.com/events/bisho...
#SonicWall #firewall
#SonicWall #firewall
February 17, 2025 at 4:12 PM
Don’t miss @br4inde4d.bsky.social and @noperator.bsky.social presenting: “Tearing Down (Sonic)Walls: Reverse-Engineering SonicOSX Firmware Encryption” at @districtcon.bsky.social Feb 21 at 1:30p.m. And stop by our Coffee Cart for ☕️ & convo! More: bishopfox.com/events/bisho...
#SonicWall #firewall
#SonicWall #firewall
They got me on camera to talk about my recent SonicWall exploit 😄
SonicWall CVE-2024-53704: SSL VPN Session Hijacking
YouTube video by Bishop Fox
youtube.com
February 11, 2025 at 11:55 PM
They got me on camera to talk about my recent SonicWall exploit 😄
As promised, our blog post on CVE-2024-53704, a session hijacking vulnerability affecting the SSL VPN component of SonicWall firewalls, has been updated to include full exploitation details. Check it out!
SonicWall CVE-2024-53704: SSL VPN Session Hijacking
Security researchers have exploited CVE-2024-53704, an authentication bypass affecting the SSL VPN component of unpatched SonicWall firewalls. Watch demo!
bishopfox.com
February 10, 2025 at 8:24 PM
As promised, our blog post on CVE-2024-53704, a session hijacking vulnerability affecting the SSL VPN component of SonicWall firewalls, has been updated to include full exploitation details. Check it out!
Successfully exploited SonicWall CVE-2024-53704, allowing active SSL VPN sessions to be hijacked on affected firewalls. We'll be withholding details for a while because there are still thousands of vulnerable appliances on the public internet.
January 17, 2025 at 6:15 PM
Successfully exploited SonicWall CVE-2024-53704, allowing active SSL VPN sessions to be hijacked on affected firewalls. We'll be withholding details for a while because there are still thousands of vulnerable appliances on the public internet.