VYPR
Unrated severityCISA KEVNVD Advisory· Published Aug 23, 2024· Updated Oct 21, 2025

CVE-2024-40766

CVE-2024-40766

Description

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

Affected products

2
  • SonicWall/Sonicosllm-fuzzy2 versions
    <=7.0.1-5035 (on Gen 7); Gen 5 and Gen 6 devices also affected+ 1 more
    • (no CPE)range: <=7.0.1-5035 (on Gen 7); Gen 5 and Gen 6 devices also affected
    • (no CPE)range: 5.9.2.14-12o and older versions

Patches

Vulnerability mechanics

References

1

News mentions

2