SonicWall has recently disclosed a critical security vulnerability affecting its SonicOS management access, identified as CVE-2024-40766.
This vulnerability, classified as an improper access control issue (CWE-284), has been assigned a high CVSS v3 score of 9.3.
It poses significant risks, potentially allowing unauthorized access to resources and, in certain conditions, causing the firewall to crash.
“An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and, in specific conditions, causing the firewall to crash,” the SonicWall report states.
The vulnerability impacts a broad range of SonicWall devices across multiple generations. Specifically, it affects Gen 5 devices, including SOHO models running firmware version 5.9.2.14-12o and older.
Gen 6 devices are also vulnerable, including various SOHOW, TZ, NSA, and SM series firewalls with firmware version 6.5.4.14-109n and older.
Additionally, Gen 7 devices, such as the TZ, NSa, and NSsp series, running SonicOS build version 7.0.1-5035 and older, are affected. SonicWall strongly advises users to update to the latest firmware versions to mitigate these risks.
SonicWall recommends restricting firewall management access to trusted sources or disabling WAN management access from Internet sources to minimize potential impacts.
SonicWall’s support resources provide detailed guidance on restricting SonicOS admin access. Users are urged to apply the latest patches available on mysonicwall.com as soon as possible. For further assistance, contacting SonicWall Technical Support is recommended.
Workaround
SonicWall has released fixed firmware versions to address this vulnerability. For Gen 5 devices, the update is to version 5.9.2.14-13o. Gen 6 devices have different updates available, including version 6.5.2.8-2n for specific models and 6.5.4.15.116n for others.
For Gen 7 devices, the issue is resolved in firmware versions higher than 7.0.1-5035. SonicWall emphasizes the importance of installing the latest firmware to ensure security.
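An inventory check built from the version ranges above, as an added example rather than SonicWall's own tooling: it parses SonicOS version strings, flags devices still in the affected range, and accounts for Gen 6 having a fixed build on both the 6.5.2 and 6.5.4 branches. Assumptions: the advisory's "6.5.4.15.116n" is read as the usual dash form 6.5.4.15-116n, the branch is taken as the first three numeric components, and the inventory rows are constructed sample data.

```python
import re

# Highest affected firmware per generation, from the advisory ("and older" is affected).
AFFECTED_MAX = {"gen5": "5.9.2.14-12o", "gen6": "6.5.4.14-109n", "gen7": "7.0.1-5035"}

# Fixed builds per generation. Gen 6 has fixes on two branches; the advisory's
# "6.5.4.15.116n" is assumed here to mean the usual dash form 6.5.4.15-116n.
# Gen 7 is fixed by anything newer than 7.0.1-5035, so it needs no entry.
FIXED = {"gen5": ["5.9.2.14-13o"], "gen6": ["6.5.2.8-2n", "6.5.4.15-116n"], "gen7": []}

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:-(\d+)([a-z]*))?$")

def parse_version(text):
    """Split '6.5.4.14-109n' into ((6, 5, 4, 14), 109, 'n') so tuples compare in order."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised SonicOS version: {text!r}")
    numeric = tuple(int(p) for p in m.group(1).split("."))
    build = int(m.group(2)) if m.group(2) else 0
    return numeric, build, m.group(3) or ""

def is_affected(generation, version):
    """True if a device of this generation running `version` falls in the vulnerable range."""
    gen = generation.lower().replace(" ", "")
    if gen not in AFFECTED_MAX:
        raise ValueError(f"unknown generation: {generation!r}")
    current = parse_version(version)
    if current > parse_version(AFFECTED_MAX[gen]):
        return False  # newer than the highest affected build
    # Still inside the affected range, but a fixed build may exist on the same
    # branch (first three components), e.g. 6.5.2.x devices are fixed at 6.5.2.8-2n.
    for fixed in map(parse_version, FIXED[gen]):
        if fixed[0][:3] == current[0][:3] and current >= fixed:
            return False
    return True

def triage(inventory):
    """Return the hostnames from (host, generation, version) rows that still need patching."""
    return sorted(host for host, gen, ver in inventory if is_affected(gen, ver))

# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = [
    ("fw-branch-1", "Gen 7", "7.0.1-5035"),
    ("fw-branch-2", "Gen 6", "6.5.2.8-2n"),
    ("fw-legacy", "Gen 5", "5.9.2.14-12o"),
]

if __name__ == "__main__":
    print("Still vulnerable:", triage(SAMPLE_INVENTORY))
```

A version string that does not match the expected form raises rather than silently passing, so unrecognised builds surface for manual review instead of being treated as patched.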
“To minimize potential impact, please restrict firewall management access to trusted sources or disable firewall WAN management access from Internet sources. For more information, see how-can-i-restrict-SonicOS-admin-access.”
This swift response underscores SonicWall’s commitment to maintaining robust product security.
Users should stay informed about updates and best practices to protect their networks from threats. For more information and to access the latest firmware updates, visit SonicWall’s official website or contact their support team.
This advisory highlights the critical nature of keeping network security devices updated and configured according to best practices to prevent unauthorized access and potential service disruptions.