Security News > 2024 > August > SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
2024-08-26 14:33
SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. "An improper access control vulnerability has been identified in the SonicWall SonicOS
News URL
https://thehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- SonicWall urges admins to patch VPN flaw exploited in attacks (source)
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-40766 | Unspecified vulnerability in Sonicwall Sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. | 9.8 |