Vulnerabilities > CVE-2024-40766 - Unspecified vulnerability in Sonicwall Sonicos
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
Vulnerable Configurations
Related news
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) (source)
- Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE (source)
- SonicWall SSLVPN access control flaw is now exploited in attacks (source)
- SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation (source)
- CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) (source)
- Fog ransomware targets SonicWall VPNs to breach corporate networks (source)