CVE-2024-40766
SonicWall SonicOS Improper Access Control Vulnerability
CVSS
—
Sin CVSS
EPSS
15.6%
p96
KEV
SÍ
9 sept 2024
Exploit Today
79
0-100
Publicado: — · Última mod.: —
Producto
SonicWall / SonicOS
Vulnerabilidad
SonicWall SonicOS Improper Access Control Vulnerability
Añadido a KEV
9 sept 2024
Remediar antes de
30 sept 2024
Uso conocido en ransomware
Sí
Descripción resumida
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015; https://www.sonicwall.com/support/notices/gen-7-and-newer-sonicwall-firewalls-sslvpn-recent-threat-activity/kA1VN0000000RDG0A2 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40766