CVE-2024-40766
SonicWall SonicOS Improper Access Control Vulnerability - [Actively Exploited]
Description
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
INFO
Published Date :
Aug. 23, 2024, 7:15 a.m.
Last Modified :
Sept. 16, 2024, 7:48 p.m.
Remotely Exploit :
Yes !
Source :
[email protected]
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015; https://nvd.nist.gov/vuln/detail/CVE-2024-40766
Affected Products
The following products are affected by CVE-2024-40766
vulnerability.
Even if cvefeed.io
is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
CVSS Scores
Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
---|---|---|---|---|---|---|
CVSS 3.1 | CRITICAL | [email protected] | ||||
CVSS 3.1 | CRITICAL | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
Solution
- Upgrade to the relevant fixed version referenced in the vendor security advisory.
Public PoC/Exploit Available at Github
CVE-2024-40766 has a 2 public
PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-40766
.
URL | Resource |
---|---|
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 | Vendor Advisory |
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-40766
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-40766
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Scripts to help automate various administrative tasks
Python
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
cisa-kev vulnerability 0day cisa exploits
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-40766
vulnerability anywhere in the article.

-
CybersecurityNews
SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability
Cybersecurity firm SonicWall has officially addressed recent concerns about a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products. In a statement ... Read more

-
BleepingComputer
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. The company says that the attacker ... Read more

-
Help Net Security
SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls
Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a sign ... Read more

-
The Hacker News
SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day
Aug 07, 2025Ravie LakshmananNetwork Security / Vulnerability SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an ol ... Read more

-
security.nl
SonicWall: recente SSLVPN-aanvallen zeer waarschijnlijk geen zeroday
Bij recente aanvallen op SonicWall-firewalls is zeer waarschijnlijk geen gebruikgemaakt van een zerodaylek, zo laat SonicWall zelf weten. Het securitybedrijf denkt dat de aanvallen samenhangen met een ... Read more

-
Help Net Security
SonicWall firewalls targeted in ransomware attacks, possibly via zero-day
Attackers wielding the Akira ransomware and possibly a zero-day exploit have been spotted targeting SonicWall firewalls since July 15, 2025. “In the intrusions reviewed, multiple pre-ransomware intrus ... Read more

-
Daily CyberSecurity
Buffer Overflows & XSS in SonicWall SMA 100 Expose Devices to RCE – Patch Immediately!
SonicWall has released a security updates for its Secure Mobile Access (SMA) 100 series appliances, addressing three newly disclosed vulnerabilities that impact versions up to 10.2.1.15-81sv. The advi ... Read more

-
Daily CyberSecurity
SonicWall Warns: Trojanized NetExtender VPN Client Stealing Credentials in Active Campaign
SonicWall, in collaboration with Microsoft Threat Intelligence (MSTIC), has uncovered a sophisticated campaign that distributes a Trojanized version of SonicWall’s NetExtender VPN client, masquerading ... Read more

-
Daily CyberSecurity
HelloTDS Unmasked: Covert Traffic System Funnels Millions to FakeCaptcha Malware!
A complex and evasive infrastructure dubbed HelloTDS is silently steering millions of internet users into the clutches of malware—particularly FakeCaptcha, a social engineering attack masquerading as ... Read more

-
Daily CyberSecurity
SonicWall Exploit Chain Exposes Admin Hijack Risk via CVE-2023-44221 and CVE-2024-38475
Image: watchTowr A newly exploit chain targeting SonicWall’s Secure Mobile Access (SMA) appliances has been released. Published by watchTowr Labs, the technical disclosure outlines how two distinct vu ... Read more

-
Daily CyberSecurity
SonicWall Issues Patch for SSRF Vulnerability in SMA1000 Appliances
SonicWall’s Product Security Incident Response Team (PSIRT) has issued an important update for its SMA1000 series appliances following the discovery of a Server-Side Request Forgery (SSRF) vulnerabili ... Read more

-
Daily CyberSecurity
SonicWall Confirms Active Exploitation of SMA 100 Vulnerabilities – Urges Immediate Patching
On April 29, 2025, SonicWall issued an urgent update to two previously disclosed vulnerabilities affecting its SMA 100 Series appliances, confirming that both flaws are now actively being exploited in ... Read more

-
TheCyberThrone
CVE-2025-32818 impacts SonicOS SSLVPN
CVE-2025-32818 is a critical vulnerability affecting the SonicOS SSLVPN Virtual Office interface. This flaw allows remote, unauthenticated attackers to exploit a Null Pointer Dereference, causing the ... Read more

-
Daily CyberSecurity
High-Severity SonicWall SSLVPN Vulnerability Allows Firewall Crashing
SonicWall has disclosed a vulnerability affecting its SonicOS SSLVPN Virtual Office interface, which, if exploited, could allow remote attackers to crash firewall appliances. Tracked as CVE-2025-32818 ... Read more

-
Daily CyberSecurity
FOG Ransomware Campaign Targets Multiple Sectors with Phishing and Payload Obfuscation
The initial ransom note dropped that uses DOGE-related references to troll | Image: Trend Micro Trend Micro has identified a recent campaign involving FOG ransomware, demonstrating the adaptability of ... Read more

-
Help Net Security
5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The ... Read more

-
Cybersecurity News
Thousands of SonicWall Devices Remain Vulnerable to CVE-2024-40766
In September 2024, a critical vulnerability in SonicWall NSA devices, tracked as CVE-2024-40766, was disclosed. Since then, threat actors Akira and Fog have reportedly exploited this flaw to infiltrat ... Read more

-
security.nl
'Tienduizenden SonicWall-firewalls online bevatten kritiek lek of zijn end-of-life'
Tienduizenden firewalls van fabrikant SonicWall die vanaf het internet benaderbaar zijn bevatten kritieke kwetsbaarheden of zijn end-of-life. Dat stelt securitybedrijf Bishop Fox op basis van eigen on ... Read more

-
Cybersecurity News
Akira v2 Emerges: Rust-Based Ransomware Raises the Stakes
The Akira ransomware took a significant leap earlier this year with the introduction of a new Rust-based variant, according to a detailed analysis from Check Point Research (CPR). This version, known ... Read more

-
Kaspersky
IT threat evolution in Q3 2024. Non-mobile statistics
IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics The statistics presented here are based on detection verdicts by ... Read more
The following table lists the changes that have been made to the
CVE-2024-40766
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Reanalysis by [email protected]
Sep. 16, 2024
Action Type Old Value New Value Changed CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 6.5.2.8-2n OR cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 6.5.4.15.116n OR cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* -
Initial Analysis by [email protected]
Sep. 11, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Changed Reference Type https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 No Types Assigned https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 Vendor Advisory Added CWE NIST NVD-CWE-noinfo Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 5.9.2.14-13o OR cpe:2.3:h:sonicwall:soho:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 6.5.2.8-2n OR cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (excluding) 6.5.2.8-2n OR cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* Added CPE Configuration AND OR *cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* versions up to (including) 7.0.1-5035 OR cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Sep. 10, 2024
Action Type Old Value New Value Added Date Added 2024-09-09 Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Added Vulnerability Name SonicWall SonicOS Improper Access Control Vulnerability Added Due Date 2024-09-30 -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Sep. 06, 2024
Action Type Old Value New Value Added CVSS V3.1 CISA-ADP AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L -
CVE Received by [email protected]
Aug. 23, 2024
Action Type Old Value New Value Added Description An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions. Added Reference SonicWALL, Inc. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 [No types assigned] Added CWE SonicWALL, Inc. CWE-284