SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances.
cve-2024-40766="" sonicwall-sonicos-improper-access-control-vulnerability="" "="" title="SonicWall SonicOS Improper Access Control Vulnerability">CVE-2024-40766" title="SonicWall">
About CVE-2024-40766
CVE-2024-40766 is an improper access control vulnerability in the “SonicWall SonicOS management access”, the company says.
“This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.”
Security updates fixing the vulnerability are available for all currently supported next-gen firewall models.
“This vulnerability is not reproducible in SonicOS firmware version higher than 7.0.1-5035,” the company noted, but nevertheless advised users to install the latest firmware.
Though upgrading to a fixed version is preferred, there is an alternative, i.e., a workaround to minimize the potential of exploitation: users can restrict firewall management access to trusted sources (e.g., whitelist specific IP addresses) or disable firewall WAN management access from internet sources.
No exploitation detected
SonicWall’s security solutions are widely used and occasionally targeted by attackers seeking a way into corporate networks.
In 2021, researchers discovered that attackers have leveraged zero-day flaws in SonicWall Email Security appliances, as well as a zero-day in the company’s Secure Mobile Access (SMA) 100 series appliances.
There is currently no mention of CVE-2024-40766 being exploited in the wild.
The vulnerability has a 9.3 CVSS v3 base score, and the associated vector string says it’s remotely exploitable with no privileges or user interaction required. Also, the complexity of the attack that would trigger the flaw is considered to be “low”.
SonicWall’s description of this exploitable weakness is, understandably, very superficial, but threat actors might do some patch diffing (to identify the changes to binaries made by SonicWall’s security updates) and thus infer the flaw’s trigger and find a way to create a working exploit.
Admins are advised to implement the security updates as soon as possible.
Versa fixes Director zero-day vulnerability exploited in attacks
Patelco notifies 726,000 customers of ransomware data breach
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2024-50302 Linux Kernel Use of Uninitialized Resource Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
InformationalInformation Disclosure - Suspicious Comments
HighPII Disclosure
Free online web security scanner
