Sep 06, 2024
Ravie Lakshmanan
Network Security / Threat Detection
SonicWall has disclosed a critical security vulnerability in SonicOS that may already be under active exploitation, making prompt application of the patches essential.
Tracked as CVE-2024-40766, the vulnerability carries a CVSS score of 9.3 out of 10.
“An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash,” stated SonicWall in an updated advisory.
SonicWall has disclosed that the vulnerability also affects the firewall's SSLVPN feature and has released patched versions for the affected products:
- SOHO (Gen 5 Firewalls) – 5.9.2.14-13o
- Gen 6 Firewalls – 6.5.2.8-2n (for SM9800, NSsp 12400, and NSsp 12800) and 6.5.4.15.116n (for other Gen 6 Firewall appliances)
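A defender's first question is which appliances in an inventory are still below the fixed versions listed above. The following Python is an added example, not SonicWall's code or anything from the advisory: it parses SonicOS version strings into comparable tokens and flags appliances that have not reached the fix. The token ordering rule, the platform labels, and the sample inventory (hostnames and running versions) are all assumptions constructed for the example; only the fixed version strings come from the page, and the Gen 7 line, which the page does not list, is not covered.

```python
import re
from dataclasses import dataclass

# Fixed SonicOS versions as listed for CVE-2024-40766 on the page.
# Platform labels are this example's own; the advisory wording may differ.
FIXED_VERSIONS = {
    "SOHO (Gen 5)": "5.9.2.14-13o",
    "Gen 6 (SM9800, NSsp 12400, NSsp 12800)": "6.5.2.8-2n",
    "Gen 6 (other appliances)": "6.5.4.15.116n",
}

# One version component: leading digits, optional trailing letters (e.g. "13o", "116n").
_TOKEN = re.compile(r"^(\d+)([A-Za-z]*)$")


def parse_version(version: str):
    """Split a SonicOS version string into a tuple of (number, suffix) tokens.

    Assumption (not stated in the advisory): components are separated by '.'
    or '-', each is digits optionally followed by letters, and lexicographic
    comparison of the resulting tuple mirrors release order. A string with
    fewer components therefore compares as older, which errs on the safe side.
    """
    tokens = []
    for part in re.split(r"[.-]", version.strip()):
        m = _TOKEN.match(part)
        if not m:
            raise ValueError(f"unparseable component {part!r} in version {version!r}")
        tokens.append((int(m.group(1)), m.group(2).lower()))
    return tuple(tokens)


def is_patched(platform: str, version: str) -> bool:
    """True when the running version is at or above the fixed version for the platform."""
    fixed = FIXED_VERSIONS[platform]
    return parse_version(version) >= parse_version(fixed)


@dataclass
class Appliance:
    name: str
    platform: str
    version: str


def unpatched_appliances(inventory):
    """Return the names of appliances still below the fixed version for CVE-2024-40766."""
    return [a.name for a in inventory if not is_patched(a.platform, a.version)]


# Constructed sample inventory: hypothetical hostnames and running versions.
SAMPLE_INVENTORY = [
    Appliance("fw-branch-01", "SOHO (Gen 5)", "5.9.2.14-12o"),
    Appliance("fw-branch-02", "SOHO (Gen 5)", "5.9.2.14-13o"),
    Appliance("fw-dc-01", "Gen 6 (SM9800, NSsp 12400, NSsp 12800)", "6.5.2.8-1n"),
    Appliance("fw-office-03", "Gen 6 (other appliances)", "6.5.4.14.109n"),
    Appliance("fw-office-04", "Gen 6 (other appliances)", "6.5.4.15.116n"),
]

if __name__ == "__main__":
    for name in unpatched_appliances(SAMPLE_INVENTORY):
        print(f"{name}: below the fixed version for CVE-2024-40766, schedule the update")
```

The comparison is deliberately conservative: any version string that cannot be parsed raises instead of being silently treated as patched, so an unexpected format surfaces during the review rather than hiding an exposed appliance.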
The network security provider has updated the bulletin to highlight the possibility of active exploitation of CVE-2024-40766.
“This vulnerability is potentially being exploited in the wild,” it added. “Please apply the patch as soon as possible for affected products.”
Additional steps to mitigate the risk include enabling multi-factor authentication (MFA) for SSLVPN users and immediately updating the passwords of locally managed accounts.
While details of active exploitation remain unknown, previous incidents have shown that unpatched SonicWall appliances are prime targets for threat actors.