Security News > 2024 > September > SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
2024-09-06 15:55
SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified in the SonicWall SonicOS management
News URL
https://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html
Related news
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-40766 | Unspecified vulnerability in Sonicwall Sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. | 9.8 |