Critical Access Control Vulnerability Detected in SonicWall’s SonicOS

August 26, 2024

SonicWall has issued a warning about a critical access control flaw in SonicOS that could grant attackers unauthorized access to resources or cause the firewall to crash. The flaw is tracked as CVE-2024-40766 and has a severity score of 9.3 under the CVSS v3 standard, reflecting its network-based attack vector, low attack complexity, and the absence of any authentication or user interaction requirement. SonicWall's bulletin reads, "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash."

This flaw impacts SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. SonicWall advises system administrators to upgrade to versions of SonicOS that address CVE-2024-40766. These security updates are available for download on mysonicwall.com. For those who cannot immediately apply the fixes, SonicWall recommends restricting firewall management access to trusted sources or disabling WAN management access from the internet. Guidance on how to do this can be found on SonicWall's help page.
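
The affected scope and interim mitigation above can be turned into a quick inventory triage. The following is an added example, not SonicWall's tooling or part of the original article; the hostnames and firmware strings are constructed, and mapping SonicOS 5.x/6.x to Gen 5/Gen 6 hardware is an assumption.

```python
import re

# Last Gen 7 build the article lists as affected by CVE-2024-40766.
GEN7_LAST_AFFECTED = ((7, 0, 1), 5035)
_VERSION_RE = re.compile(r"(\d+(?:\.\d+)+)-(\d+)[a-z]?")


def parse_sonicos(firmware):
    """Return ((major, minor, ...), build) parsed from a firmware string, or None."""
    m = _VERSION_RE.search(firmware)
    if m is None:
        return None
    release = tuple(int(part) for part in m.group(1).split("."))
    return release, int(m.group(2))


def triage(firmware, wan_mgmt_enabled):
    """Return (status, action) for one firewall, using only the article's scope."""
    parsed = parse_sonicos(firmware)
    if parsed is None:
        return "unknown", "verify firmware version manually"
    major = parsed[0][0]
    if major in (5, 6):
        # Assumption: SonicOS 5.x / 6.x runs on Gen 5 / Gen 6 hardware. The
        # article names no fixed build for them, so every build stays in scope.
        affected = True
    elif major == 7:
        # Tuple comparison orders by release first, then by build number.
        affected = parsed <= GEN7_LAST_AFFECTED
    else:
        return "unknown", "generation not covered by the article"
    if not affected:
        return "not-listed", "no action for CVE-2024-40766"
    if wan_mgmt_enabled:
        return "affected", "restrict or disable WAN management, then upgrade"
    return "affected", "upgrade"


# Constructed inventory: (hostname, firmware string, WAN management enabled).
INVENTORY = [
    ("fw-branch-01", "SonicOS 7.0.1-5035", True),
    ("fw-branch-02", "SonicOS 7.0.1-5999", True),
    ("fw-hq-01", "SonicOS Enhanced 6.5.0.0-1n", False),
    ("fw-lab-01", "unparsed banner", False),
]

if __name__ == "__main__":
    for host, firmware, wan in INVENTORY:
        print(host, firmware, *triage(firmware, wan), sep=" | ")
```

Gen 5 and Gen 6 devices are always reported as in scope here because the article gives no fixed build for them; check the vendor advisory for the corrected firmware before clearing those entries.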

SonicWall firewalls are widely deployed in a variety of mission-critical industries and corporate environments, and are frequently targeted by threat actors seeking initial access to corporate networks. In March 2023, SonicWall Secure Mobile Access (SMA) appliances were attacked by suspected Chinese hackers, tracked as UNC4540, using custom malware that could persist through firmware upgrades. The US Cybersecurity & Infrastructure Security Agency (CISA) has been warning about active exploitation of vulnerabilities in SonicWall appliances since 2022.
