SonicWall SSLVPN Vulnerability Exploited in Cyber Attacks: Urgent Call for Patching

September 6, 2024

SonicWall has warned that a recently patched access control flaw in SonicOS, tracked as CVE-2024-40766, may be under active exploitation, and is urging administrators to apply patches as soon as possible. The SonicWall advisory states, "This vulnerability is potentially being exploited in the wild. Please apply the patch as soon as possible for affected products. The latest patch builds are available for download on mysonicwall.com."

CVE-2024-40766 is a critical access control vulnerability with a CVSS v3 score of 9.3, affecting SonicWall Firewall Gen 5, Gen 6, and Gen 7 devices. The vendor has not released extensive details about the flaw, but it is known to potentially allow unauthorized access to resources and can crash the firewall, removing network protections.

SonicWall initially revealed the flaw on August 22, 2024, believing it to only affect SonicOS management access. However, an update from the company now indicates that the SSLVPN feature of the firewall is also impacted by CVE-2024-40766.

SonicWall has not yet provided information on how the flaw is being actively exploited. However, similar vulnerabilities have been used previously to gain initial access to corporate networks. SonicWall devices are often targeted by threat actors due to their exposure to the internet for remote VPN access. In March 2023, suspected Chinese hackers, known as UNC4540, exploited unpatched SonicWall Secure Mobile Access (SMA) devices to install custom malware that persisted even after firmware upgrades.

SonicWall was contacted for more information about the active exploitation of the flaw, but no immediate response was available.
