SonicWall Product Security Update Advisory (CVE-2024-40766)

Sep 09 2024

Overview

An update has been released to address vulnerabilities in SonicWall Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-40766

Gen5 SOHO versions: ~ 5.9.2.14-12o (inclusive)
Gen6 Firewalls versions: ~ 6.5.4.14-109n (inclusive)
Gen7 Firewalls versions: ~ SonicOS build version 7.0.1-5035 (inclusive)

Resolved Vulnerabilities

Improper access control vulnerability was discovered in SonicWall SonicOS management access, which could potentially lead to unauthorized resource access and cause the firewall to crash under certain conditions (CVE-2024-40766)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-40766

Gen5 SOHO version: 5.9.2.14-13o
Gen6 Firewalls version: 6.5.2.8-2n (for SM9800, NSsp 12400, NSsp 12800)
Gen6 Firewalls version: 6.5.4.15.116n (for other Gen6 firewall appliances)
Gen7 Firewalls version: 7.0.1-5035 or later version (we recommend installing the latest firmware)

References

[1] CVE-2024-40766 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-40766

[2] SonicWall Vulnerability List

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015

SonicWall Product Security Update Advisory (CVE-2024-40766)

Cisco Products September 2024 First Security Update Advisory

IBM Product Security Update Advisory

Tags:

Cisco Products September 2024 First Security Update Advisory

IBM Product Security Update Advisory