Skip to main content

Critical SonicWall Vulnerability Under Exploitation

CVE-2024-40766 could lead to unauthorised access or denial-of-service

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

CVE-2024-40766 could lead to unauthorised access or denial-of-service


Threat details

Evidence of exploitation

SonicWall has updated their advisory to reflect potential exploitation of CVE-2024-40766 in the wild.

SSLVPN and firewall appliances are internet-facing by design and frequent targets for cyber threat groups. Vulnerabilities in SSLVPN and firewall appliances are often exploited soon after official disclosure and broader exploitation is expected.


Introduction

SonicWall has released a security advisory to address a critical vulnerability in SonicOS management access and SSLVPN, affecting their SOHO (Generation 5), Generation 6, and Generation 7 appliances. SonicWall appliances are security appliances that provide virtual private network (VPN) and 'next-gen' firewall capabilities. The SonicWall advisory has been updated to reflect reports of exploitation.

CVE-2024-40766 is an 'Improper Access Control' vulnerability with a CVSSv3 score of 9.3. Successful exploitation by an unauthenticated, remote attacker could lead to unauthorised resource access or allow the attacker to crash the firewall, leading to a denial-of-service condition.


Remediation advice

Affected organisations are encouraged to review SonicWall advisory SNWLID-2024-0015 and apply the relevant updates.



Last edited: 6 September 2024 12:20 pm