CVE-2024-40766
SonicWall SonicOS Improper Access Control Vulnerab - [Actively Exploited]
Description
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
INFO
Published Date :
Aug. 23, 2024, 7:15 a.m.
Last Modified :
Sept. 11, 2024, 11:14 a.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015; https://nvd.nist.gov/vuln/detail/CVE-2024-40766
Public PoC/Exploit Available at Github
CVE-2024-40766 has a 1 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
Affected Products
The following products are affected by CVE-2024-40766
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-40766.
| URL | Resource |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 | Vendor Advisory |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
cisa-kev vulnerability 0day cisa exploits
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-40766 vulnerability anywhere in the article.
-
Cybersecurity News
Multiple Critical Vulnerabilities Found in D-Link WiFi Routers: Immediate Firmware Updates Advised
Multiple critical vulnerabilities in D-Link routers have been disclosed, potentially affecting millions of users worldwide. TWCERT/CC, Taiwan’s cybersecurity agency, has issued urgent advisories, urgi ... Read more
-
The Register
23andMe settles class-action breach lawsuit for $30 million
Infosec In Brief Genetic testing outfit 23andMe has settled a proposed class action case related to a 2023 data breach for $30 million. Documents [PDF] filed in a San Francisco federal court last Thur ... Read more
-
Help Net Security
Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-202 ... Read more
-
Cybersecurity News
Cisco Issues Security Advisories: Critical Vulnerabilities Impact Multiple Products
Cisco Systems has released a series of urgent security advisories, revealing a total of nine vulnerabilities affecting various products, including Cisco IOS XR Software, Crosswork Network Services Orc ... Read more
-
Help Net Security
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by atta ... Read more
-
Help Net Security
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploite ... Read more
-
security.nl
Kritiek lek in SonicWall-firewalls gebruikt bij ransomware-aanvallen
Een kritieke kwetsbaarheid in de firewalls van SonicWall wordt gebruikt bij ransomware-aanvallen, zo stellen verschillende securitybedrijven. De kwetsbaarheid (CVE-2024-40766) is aanwezig in de manage ... Read more
-
Cybersecurity News
CISA Alerts on Active Exploitation of Flaws in ImageMagick, Linux Kernel, and SonicWall
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding three actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The agency’ ... Read more
-
TheCyberThrone
CISA KEV Update Part II – September 2024.
The US CISA added below vulnerabilities to the Known Exploited Vulnerability Catalog based on the evidence of active exploitationCVE-2024-40766 SonicWall SonicOS contains an improper access control vu ... Read more
-
BleepingComputer
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks. Tracked as CVE-2024-40766, this improper access control flaw affects ... Read more
-
Dark Reading
Akira Ransomware Actors Exploit SonicWall Bug for RCE
Source: Michael Vi via ShutterstockThreat actors, including Akira ransomware affiliates, have begun exploiting a critical remote code execution (RCE) vulnerability that SonicWall disclosed — and patch ... Read more
-
Cybersecurity News
Akira Ransomware Exploits SonicWall SSLVPN Flaw (CVE-2024-40766)
SonicWall has issued a warning: the recently patched critical access control vulnerability, tracked as CVE-2024-40766, is now actively exploited in the wild. The flaw, originally thought to impact onl ... Read more
-
The Hacker News
SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
Network Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users appl ... Read more
-
security.nl
SonicWall waarschuwt voor actief misbruik van kritiek firewall-lek
SonicWall waarschuwt organisaties voor actief misbruik van een kritieke kwetsbaarheid in de firewalls die het levert. Organisaties worden opgeroepen de eind augustus beschikbaar gestelde beveiligingsu ... Read more
-
BleepingComputer
SonicWall SSLVPN access control flaw is now exploited in attacks
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible. "This ... Read more
-
Cybersecurity News
SonicWall Confirms Critical CVE-2024-40766 Vulnerability Actively Exploited in the Wild
On September 5, 2024, SonicWall updated its security advisory with an urgent warning: CVE-2024-40766, a critical access control vulnerability within SonicOS, is being actively exploited by cybercrimin ... Read more
-
europa.eu
Cyber Brief 24-09 - August 2024
Cyber Brief (August 2024)September 4, 2024 - Version: 1.0TLP:CLEARExecutive summaryWe analysed 249 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, in Europe, th ... Read more
-
Cybersecurity News
CVE-2024-7971: North Korean APT Citrine Sleet Exploits Chromium Zero-Day
In a recent cybersecurity report, Microsoft Threat Intelligence has revealed that a North Korean threat actor, believed to be Citrine Sleet, has been actively exploiting a zero-day vulnerability (CVE- ... Read more
-
Cybersecurity News
CVE-2024-6386 (CVSS 9.9) in WPML Plugin Exposes Millions of WordPress Sites to RCE Attacks
A severe security flaw (CVE-2024-6386, CVSS 9.9) has been discovered in the widely-used WPML plugin for WordPress, potentially exposing over one million websites to the risk of complete takeover. The ... Read more
-
Help Net Security
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the a ... Read more
-
security.nl
SonicWall-firewalls via kritieke kwetsbaarheid op afstand aan te vallen
Een kritieke kwetsbaarheid in het besturingssysteem dat op firewalls van fabrikant SonicWall draait maakt het mogelijk voor aanvallers om de apparaten of stand aan te vallen. SonicWall heeft beveiligi ... Read more
-
BleepingComputer
SonicWall warns of critical access control flaw in SonicOS
SonicWall's SonicOS is vulnerable to a critical access control flaw that could allow attackers to gain access unauthorized access to resources or cause the firewall to crash. The flaw has received the ... Read more
-
The Hacker News
SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
Vulnerability / Enterprise Security SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorize ... Read more
-
TheCyberThrone
SolarWinds fixes CVE-2024-28987 in WHD Product
SolarWinds has released an update to a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated attackers to gain unauthorized access to vulnerable instances.The v ... Read more
-
TheCyberThrone
Sonicwall fixes CVE-2024-40766 in SonicOS
SonicWall has released patch for a critical vulnerability affecting their SonicOS and could allow unauthorized access to SonicWall firewalls, potentially leading to a complete system compromise.The v ... Read more
-
Cybersecurity News
SonicWall Issues Urgent Patch for Critical Firewall Vulnerability (CVE-2024-40766)
SonicWall, a prominent network security provider, has released a security advisory warning users of a critical vulnerability (CVE-2024-40766) affecting their SonicOS operating system. The vulnerabilit ... Read more
-
Cybersecurity News
Researcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021)
Morphisec researchers have detailed a critical vulnerability in Microsoft Outlook, identified as CVE-2024-38021, which has the potential to allow remote attackers to execute arbitrary code on vulnerab ... Read more
The following table lists the changes that have been made to the
CVE-2024-40766 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Initial Analysis by [email protected]
Sep. 11, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Changed Reference Type https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 No Types Assigned https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 Vendor Advisory Added CWE NIST NVD-CWE-noinfo Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 5.9.2.14-13o OR cpe:2.3:h:sonicwall:soho:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 6.5.2.8-2n OR cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 6.5.2.8-2n OR cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (including) 7.0.1-5035 OR cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Sep. 10, 2024
Action Type Old Value New Value Added Date Added 2024-09-09 Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Added Vulnerability Name SonicWall SonicOS Improper Access Control Vulnerability Added Due Date 2024-09-30 -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Sep. 06, 2024
Action Type Old Value New Value Added CVSS V3.1 CISA-ADP AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L -
CVE Received by [email protected]
Aug. 23, 2024
Action Type Old Value New Value Added Description An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. Added Reference SonicWALL, Inc. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 [No types assigned] Added CWE SonicWALL, Inc. CWE-284
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-40766 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-40766
weaknesses.