DEV Community

Cover image for CVE-2024-40766: SonicWall SonicOS Improper Access Control Vulnerability
Freedom Coder
Freedom Coder

Posted on • Originally published at scyscan.com

CVE-2024-40766: SonicWall SonicOS Improper Access Control Vulnerability

CVE ID

CVE-2024-40766

Vulnerability Name

SonicWall SonicOS Improper Access Control Vulnerability

  • Project: SonicWall
  • Product: SonicOS

Date

  • Date Added: 2024-09-09
  • Due Date: 2024-09-30

Description

SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015; https://nvd.nist.gov/vuln/detail/CVE-2024-40766

Related Security News

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

Top comments (0)