Security News > 2024 > September > SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
2024-09-06 15:55
SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified in the SonicWall SonicOS management
News URL
https://thehackernews.com/2024/09/sonicwall-urges-users-to-patch-critical.html
Related news
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) (source)
- Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE (source)
- Critical Progress WhatsUp RCE flaw now under active exploitation (source)
- Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now (source)
- SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software (source)
- You probably want to patch this critical GitHub Enterprise Server bug now (source)
- SonicWall warns of critical access control flaw in SonicOS (source)
- CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports (source)
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-40766 | Unspecified vulnerability in Sonicwall Sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. | 9.8 |