SonicWall has disclosed a critical heap-based buffer overflow vulnerability in its SonicOS IPSec VPN.
This flaw, identified as CVE-2024-40764, can potentially allow unauthenticated, remote attackers to cause a Denial of Service (DoS) condition.
The vulnerability has been rated with a CVSS v3 score of 7.5, indicating a high severity level.
The vulnerability, which affects multiple versions of SonicWall’s Gen6 and Gen7 platforms, was first published on July 17, 2024.
SonicWall has provided a workaround and is working on a patch to address this critical issue.
| Advisory ID | SNWLID-2024-0012 |
| First Published | 2024-07-17 |
| Last Updated | 2024-07-17 |
| Workaround | True |
| Status | Applicable |
| CVE | CVE-2024-40764 |
| CWE | CWE-122 |
| CVSS v3 | 7.5 |
| CVSS Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
The heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to exploit the system, leading to a Denial of Service (DoS) condition.
Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo
This could disrupt services and potentially cause significant operational downtime for affected organizations.
The vulnerability impacts a wide range of SonicWall products across different versions. Below is a detailed list of the affected platforms and their respective versions:
| Impacted Platforms | Impacted Version |
| Gen6 NSv – NSv10, NSv25, NSv50, NSv100, NSv200, NSv300, NSv400, NSv800, NSv1600 | 6.5.4.4-44v-21-2395 and older versions |
| Gen7 – TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700, NSv 270, NSv 470, NSv 870 | 7.0.1-5151 and older versions, 7.1.1-7051 and older versions |
To mitigate the potential impact of this vulnerability, SonicWall recommends restricting inbound IPSec VPN access to trusted sources or disabling IPSec VPN access from Internet sources. This temporary measure should be implemented until the official patch is applied.
Organizations are encouraged to contact SonicWall Technical Support for further assistance restricting or disabling IPSec VPN access.
SonicWall has released fixed versions for the affected platforms. Below is a list of the fixed platforms and their respective versions:
| Fixed Platforms | Fixed Version |
| Gen6 NSv – NSv10, NSv25, NSv50, NSv100, NSv200, NSv300, NSv400, NSv800, NSv1600 | 6.5.4.v-21s-RC2457 |
| Gen7 – TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700, NSv 270, NSv 470, NSv 870 | 7.0.1-5161, 7.1.1-7058, 7.1.2-7019 |
Organizations using SonicWall products are urged to take immediate action to mitigate the risk posed by CVE-2024-40764.
Businesses can protect their systems from potential DoS attacks by restricting or disabling IPSec VPN access and applying the necessary patches.
Join our free webinar to learn about combating slow DDoS attacks, a major threat today.
A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages to…
APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware like…
Researchers uncovered two previously unknown endpoints with older Cortex XDR agents that used to test…
The Phish, 'n' Ships fraud operation leverages, compromised websites to redirect users to fake online…
Google has released a batch of security updates addressing 40 vulnerabilities, two of which are…
The threat actor known as IntelBroker, in collaboration with EnergyWeaponUser, has claimed responsibility for a…