Unrated severityCISA KEVNVD Advisory· Published Aug 23, 2024· Updated Oct 21, 2025
CVE-2024-40766
CVE-2024-40766
Description
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
Affected products
2Patches
Vulnerability mechanics
References
1- psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015mitrevendor-advisory
News mentions
2- CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)SANS Internet Storm Center · Jun 23, 2026
- Ransomware Tactics, Techniques, and Procedures in a Shifting Threat LandscapeMandiant Threat Intelligence · Mar 16, 2026