Security News > 2024 > September > Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. Nuclei: Open-source vulnerability scanner Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. APT group exploits WPS Office for Windows … More → The post Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE appeared first on Help Net Security.
News URL
Related news
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- ⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-23 | CVE-2024-40766 | Unspecified vulnerability in Sonicwall Sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. | 9.8 |