Security News > 2024 > September > CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
2024-09-10 12:26
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming it is being actively exploited by attackers. Though the KEV entry does not say that it’s being leveraged in ransomware campaigns, both Arctic Wolf and Rapid7 say that there is indirect evidence pointing to that. What we know so far On the same day … More → The post CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/09/10/cve-2024-40766-exploited/
Related news
- CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices (source)
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) (source)
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) (source)
- CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664) (source)
- CISA extends funding to ensure 'no lapse in critical CVE services' (source)
- CVE program gets last-minute funding from CISA – and maybe a new home (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- CVE fallout: The splintering of the standard vulnerability tracking system has begun (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-40766 | Unspecified vulnerability in Sonicwall Sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. | 9.8 |