Critical SonicWall Vulnerability Under Exploitation
CVE-2024-40766 could lead to unauthorised access or denial-of-service
Summary
CVE-2024-40766 could lead to unauthorised access or denial-of-service
Affected platforms
The following platforms are known to be affected:
Threat details
Evidence of exploitation
SonicWall has updated their advisory to reflect potential exploitation of CVE-2024-40766 in the wild.
SSLVPN and firewall appliances are internet-facing by design and frequent targets for cyber threat groups. Vulnerabilities in SSLVPN and firewall appliances are often exploited soon after official disclosure and broader exploitation is expected.
Introduction
SonicWall has released a security advisory to address a critical vulnerability in SonicOS management access and SSLVPN, affecting their SOHO (Generation 5), Generation 6, and Generation 7 appliances. SonicWall appliances are security appliances that provide virtual private network (VPN) and 'next-gen' firewall capabilities. The SonicWall advisory has been updated to reflect reports of exploitation.
CVE-2024-40766 is an 'Improper Access Control' vulnerability with a CVSSv3 score of 9.3. Successful exploitation by an unauthenticated, remote attacker could lead to unauthorised resource access or allow the attacker to crash the firewall, leading to a denial-of-service condition.
Remediation advice
Affected organisations are encouraged to review SonicWall advisory SNWLID-2024-0015 and apply the relevant updates.
Definitive source of threat updates
Last edited: 6 September 2024 12:20 pm