SonicWall has released security updates to address a critical flaw affecting firewalls that, if successfully exploited, could allow attackers to gain unauthorized access to devices.
Vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), was described as an incorrect access control error.
“An improper access control vulnerability has been identified in SonicWall SonicOS management access, which could potentially lead to unauthorized access to resources and, under certain conditions, lead to a firewall failure,” the company said in a statement. said in an advisory issued last week.
“This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and earlier.”
The issue has been addressed in the following versions –
- SOHO (5th Generation Firewalls) – 5.9.2.14-13o
- 6th gen firewalls – 6.5.2.8-2n (for SM9800, NSsp 12400 and NSsp 12800) and 6.5.4.15.116n (for other 6th gen firewalls)
SonicWall said the vulnerability does not reproduce in SonicOS firmware versions higher than 7.0.1-5035, although users are advised to install the latest firmware version.
The network equipment vendor makes no mention of exploiting the flaw in the wild. However, it is critical that users take steps to quickly apply patches to protect against potential threats.
Last year, Google-owned Mandiant revealed that a suspected Chinese Nexus threat actor, tracked as UNC4540, deployed unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop Tiny SHell and establish long-term containment.
Various clusters of China-related activities are increasingly shifting operations to focus on edge infrastructure to disrupt targets and basic remote access without attracting any attention.
This includes an invasion kit called the Velvet Ant that was recently discovered using a zero-day exploit against Cisco Switch devices to spread a new malware called VELVETSHELL, a hybrid tweaked version of Tiny SHell and 3proxy.
