Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025

Two different botnets exploit the vulnerability of the WAZUH server to launch attacks based on peaceful

June 9, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » SonicWall Releases Critical Patch for Firewall Vulnerability That Could Allow Unauthorized Access
Global Security

SonicWall Releases Critical Patch for Firewall Vulnerability That Could Allow Unauthorized Access

AdminBy AdminAugust 26, 2024No Comments2 Mins Read
Firewall Vulnerability
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


August 26, 2024Ravi LakshmananVulnerability / Enterprise Security

Firewall vulnerability

SonicWall has released security updates to address a critical flaw affecting firewalls that, if successfully exploited, could allow attackers to gain unauthorized access to devices.

Vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), was described as an incorrect access control error.

“An improper access control vulnerability has been identified in SonicWall SonicOS management access, which could potentially lead to unauthorized access to resources and, under certain conditions, lead to a firewall failure,” the company said in a statement. said in an advisory issued last week.

“This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and earlier.”

Cyber ​​security

The issue has been addressed in the following versions –

  • SOHO (5th Generation Firewalls) – 5.9.2.14-13o
  • 6th gen firewalls – 6.5.2.8-2n (for SM9800, NSsp 12400 and NSsp 12800) and 6.5.4.15.116n (for other 6th gen firewalls)

SonicWall said the vulnerability does not reproduce in SonicOS firmware versions higher than 7.0.1-5035, although users are advised to install the latest firmware version.

The network equipment vendor makes no mention of exploiting the flaw in the wild. However, it is critical that users take steps to quickly apply patches to protect against potential threats.

Last year, Google-owned Mandiant revealed that a suspected Chinese Nexus threat actor, tracked as UNC4540, deployed unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop Tiny SHell and establish long-term containment.

Cyber ​​security

Various clusters of China-related activities are increasingly shifting operations to focus on edge infrastructure to disrupt targets and basic remote access without attracting any attention.

This includes an invasion kit called the Velvet Ant that was recently discovered using a zero-day exploit against Cisco Switch devices to spread a new malware called VELVETSHELL, a hybrid tweaked version of Tiny SHell and 3proxy.

Did you find this article interesting? Follow us Twitter  and LinkedIn to read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025

Two different botnets exploit the vulnerability of the WAZUH server to launch attacks based on peaceful

June 9, 2025

Think what your IDP or CASB covers the shadow? These 5 risks prove differently

June 9, 2025

Openai prohibits chatgpt accounts used by Russian, Iranian and Chinese hacking groups

June 9, 2025

Operation malicious network supply software gets to NPM and Pypi ecosystems, focusing on millions worldwide

June 8, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025

Two different botnets exploit the vulnerability of the WAZUH server to launch attacks based on peaceful

June 9, 2025

Think what your IDP or CASB covers the shadow? These 5 risks prove differently

June 9, 2025

Openai prohibits chatgpt accounts used by Russian, Iranian and Chinese hacking groups

June 9, 2025

Operation malicious network supply software gets to NPM and Pypi ecosystems, focusing on millions worldwide

June 8, 2025

Extension of the malicious browser has infected 722 users across Latin America since the beginning of 2025

June 8, 2025

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

CISA adds flaws of Erlang SSH and RoundCube to famous exploited directory vulnerabilities

June 10, 2025

More than 70 organizations in several sectors aimed at Chinese Cyber ​​Spying Group

June 9, 2025

Two different botnets exploit the vulnerability of the WAZUH server to launch attacks based on peaceful

June 9, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.