Security News > 2024 > September > CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
2024-09-10 12:26

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming it is being actively exploited by attackers. Though the KEV entry does not say that it’s being leveraged in ransomware campaigns, both Arctic Wolf and Rapid7 say that there is indirect evidence pointing to that. What we know so far On the same day … More → The post CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/09/10/cve-2024-40766-exploited/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-08-23 CVE-2024-40766 Unspecified vulnerability in Sonicwall Sonicos
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash.
network
low complexity
sonicwall
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Sonicwall 129 6 90 47 33 176