Sunday, September 15, 2024
HomeCVE/vulnerabilitySonicWall Access Control Vulnerability Exploited in the Wild

SonicWall Access Control Vulnerability Exploited in the Wild

Published on

SonicWall has issued an urgent advisory regarding a critical vulnerability in its SonicOS management access and SSLVPN.

The flaw, identified as CVE-2024-40766, is actively exploited in the wild. It potentially allows unauthorized access to resources and, under certain conditions, causes firewalls to crash.

The vulnerability affects SonicWall Gen 5 and Gen 6 devices and Gen 7 devices running SonicOS 7.0.1-5035 and older versions. SonicWall has urged users to apply the latest patches immediately to mitigate potential risks.

- Advertisement - EHA

Details of the Vulnerability

The vulnerability, classified under CWE-284: Improper Access Control, has a CVSS v3 score of 9.3, indicating its critical nature.

The CVSS vector is CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L, highlighting the ease of exploitation and the potential for severe impact on confidentiality.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14 day free trial

The advisory, first published on August 23, 2024, and last updated on September 6, 2024, emphasizes the urgency of addressing this issue.

SonicWall has provided a workaround for those unable to immediately apply the patch. It recommends restricting firewall management to trusted sources and disabling SSLVPN access from the Internet.

Affected Products and Versions

The following table summarizes the impacted platforms and versions:

Impacted PlatformsImpacted Versions
SOHO (Gen 5)5.9.2.14-12o and older versions
Gen6 Firewalls6.5.4.14-109n and older versions
Gen7 FirewallsSonicOS build version 7.0.1-5035 and older versions

SonicWall has released patches for the affected products, available for download on mysonicwall.com.

Users are strongly encouraged to install the latest firmware to protect their systems from potential exploitation. For those unable to apply the patch immediately, SonicWall recommends the following actions:

  • Restrict firewall management to trusted sources.
  • Disable firewall WAN management from Internet access.
  • Limit SSLVPN access to trusted sources or disable it entirely from the Internet.

For detailed instructions on implementing these workarounds, users can refer to SonicWall’s support articles on restricting SonicOS admin access and setting up SSL VPN.

Fixed Software Versions

The following table provides information on the fixed software versions:

Fixed PlatformsFixed Versions
SOHO (Gen 5)5.9.2.14-13o
Gen6 Firewalls6.5.2.8-2n (for SM9800, NSsp 12400, NSsp 12800)
6.5.4.15.116n (for other Gen6 Firewall appliances)
Gen7 FirewallsFirmware version higher than 7.0.1-5035

The discovery of this vulnerability underscores the importance of maintaining up-to-date security measures in network devices.

Organizations using SonicWall products should act swiftly to apply the necessary patches and implement recommended workarounds to safeguard their networks.

SonicWall Technical Support can assist users with any questions or additional information required to address this critical vulnerability. As cyber threats evolve, staying informed and proactive is essential in protecting digital assets.

What Does MITRE ATT&CK Expose About Your Enterprise Security? - Watch Free Webinar!

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Kali Linux 2024.3 Released With New Hacking Tools

Kali Linux 2024.3, the most recent iteration of Offensive Security's highly regarded Debian-based distribution...

Hacker Tricks ChatGPT to Get Details for Making Homemade Bombs

A hacker known as Amadon has reportedly managed to bypass the safety protocols of...

Citrix Workspace App Vulnerable to Privilege Escalation Attacks

Citrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace...

Beware Of Weaponized Excel Document That Delivers Fileless Remcos RAT

A recent advanced malware campaign leverages a phishing attack to deliver a seemingly benign...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Kali Linux 2024.3 Released With New Hacking Tools

Kali Linux 2024.3, the most recent iteration of Offensive Security's highly regarded Debian-based distribution...

Hacker Tricks ChatGPT to Get Details for Making Homemade Bombs

A hacker known as Amadon has reportedly managed to bypass the safety protocols of...

Citrix Workspace App Vulnerable to Privilege Escalation Attacks

Citrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace...