High Threat Security Alert (A24-08-13): Vulnerability in SonicWall Products


 

Published on: 23 August 2024

Last update on: 09 September 2024

  
  

Description:

SonicWall released a security advisory to address a vulnerability in SonicWall systems. An attacker could exploit the vulnerability by sending specially crafted requests to an affected system.

Reports indicate that the improper access control vulnerability (CVE-2024-40766) in SonicWall SonicOS is at high risk of exploitation. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • SonicOS versions prior to 5.9.2.14-13o, 6.5.2.8-2n, 6.5.4.15.116n, 7.0.1-5035

For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.

 

Impact:

Successful exploitation of the vulnerability could lead to remote code execution, denial of service or information disclosure on the affected system.

 

Recommendation:

Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40766


Tag: SonicWall , SonicOS
Tags