CVE-2024-40766: Critical Improper Access Control Vulnerability in SonicOS

ISGroup Cybersecurity

A critical vulnerability in SonicWall SonicOS allows unauthorized access to management resources and can cause firewall crashes. This flaw affects widely used Gen 5, Gen 6, and Gen 7 devices running SonicOS up to and including version 7.0.1-5035. The fact that SonicWall is widely adopted by large organizations makes unauthorized access and potential disruptions a significant security risk.

ProductSonicWALL SonicOS
Date2024-08-28 14:20:33

Technical Summary

CVE-2024-40766 is a critical vulnerability in SonicWall SonicOS that allows unauthorized access to management resources and can cause firewall crashes. It affects widely used Gen 5, Gen 6, and Gen 7 devices running SonicOS 7.0.1-5035 and earlier versions. This flaw is particularly concerning because SonicWall is widely used by large organizations, making unauthorized access and potential disruptions a significant security risk.

[Callforaction-THREAT-Footer]