SonicWall has issued an urgent patch to fix a critical vulnerability in its SonicOS firewall operating system, designated as CVE-2024-40766. This flaw, which has a CVSS severity score of 9.3, is due to improper access control in the management interface of SonicOS. If exploited, it could allow unauthorized access to the firewall, potentially leading to a complete system compromise or even causing the firewall to crash under certain conditions.
Affected Versions
The vulnerability impacts multiple generations of SonicWall firewalls, specifically:
- Gen 5 Firewalls: All devices running SonicOS versions prior to 5.9.2.14-13o.
- Gen 6 Firewalls:
  - SM9800, NSsp 12400, and NSsp 12800 running SonicOS 6.5.2.8-2n.
  - Other Gen 6 Firewall appliances running SonicOS 6.5.4.15.116n.
- Gen 7 Firewalls: Devices running SonicOS versions 7.0.1-5035 and older.
The vulnerability is not reproducible on Gen 7 devices running SonicOS firmware versions higher than 7.0.1-5035, but SonicWall still advises updating to the latest firmware version to ensure the security risk is mitigated.
Resolution and Mitigation
SonicWall has provided firmware updates that address the vulnerability across all affected versions. Users are strongly encouraged to apply these updates as soon as possible. The specific firmware versions that resolve the issue include:
- Gen 5 Firewalls: Upgrade to SonicOS 5.9.2.14-13o.
- Gen 6 Firewalls:
  - SM9800, NSsp 12400, and NSsp 12800 should upgrade to SonicOS 6.5.2.8-2n.
  - Other Gen 6 Firewall appliances should upgrade to SonicOS 6.5.4.15.116n.
- Gen 7 Firewalls: Upgrade to a version higher than SonicOS 7.0.1-5035.
For administrators who are unable to immediately install the patch, SonicWall recommends temporary workarounds to mitigate potential risks. These include restricting firewall management access to trusted IP addresses or completely disabling WAN management access from the internet.
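The following is an added example, not code from SonicWall or from the original advisory text. It shows how a defender might triage a firewall inventory against the version thresholds given above: it parses SonicOS build strings (handling both the hyphenated and the dotted form of the same build, e.g. 6.5.4.15-116n and 6.5.4.15.116n), flags devices on affected firmware, and ranks devices with WAN management still enabled as the most urgent, since restricting or disabling that access is the stated interim workaround. The inventory, hostnames and build numbers other than those named on the page are constructed. For Gen 6 the page lists the same builds as both affected and fixed, so the example assumes builds older than the fixed version are the vulnerable ones; Gen 5 and Gen 7 follow the page's wording exactly.

```python
import re

# Fixed builds as stated in the advisory text above.
FIXED_BUILDS = {
    "gen5": "5.9.2.14-13o",
    "gen6-sm9800/nssp": "6.5.2.8-2n",   # SM9800, NSsp 12400, NSsp 12800
    "gen6": "6.5.4.15.116n",            # other Gen 6 appliances
    "gen7": "7.0.1-5035",               # 7.0.1-5035 and older are affected
}

_TOKEN = re.compile(r"^(\d+)([A-Za-z]*)$")


def parse_version(version: str) -> tuple:
    """Turn a SonicOS build string into a comparable tuple.

    Splits on both '.' and '-' so '6.5.4.15-116n' and '6.5.4.15.116n'
    compare equal; each token becomes (number, letter-suffix).
    """
    tokens = []
    for raw in re.split(r"[.\-]", version.strip()):
        m = _TOKEN.match(raw)
        if not m:
            raise ValueError(f"unrecognised SonicOS token {raw!r} in {version!r}")
        tokens.append((int(m.group(1)), m.group(2).lower()))
    return tuple(tokens)


def is_vulnerable(generation: str, version: str) -> bool:
    """Apply the advisory's per-generation threshold to a running build."""
    fixed = parse_version(FIXED_BUILDS[generation])
    running = parse_version(version)
    if generation == "gen7":
        # Page: 7.0.1-5035 and older are affected; any higher build is not.
        return running <= fixed
    # Gen 5: builds prior to the fixed version are affected.
    # Gen 6 (assumption, see lead-in): builds older than the fixed version.
    return running < fixed


def triage(inventory):
    """Return {hostname: status} where status is 'urgent', 'patch' or 'ok'.

    'urgent'  : affected build AND management reachable from the WAN
                (apply the interim workaround now, then patch)
    'patch'   : affected build, management not WAN-exposed
    'ok'      : running a fixed build
    """
    results = {}
    for host, generation, version, wan_mgmt_enabled in inventory:
        if not is_vulnerable(generation, version):
            results[host] = "ok"
        elif wan_mgmt_enabled:
            results[host] = "urgent"
        else:
            results[host] = "patch"
    return results


# Constructed sample inventory: (hostname, generation, running build, WAN mgmt enabled).
# Build numbers not named in the advisory (e.g. 7.0.1-5050) are made up for illustration.
SAMPLE_INVENTORY = [
    ("fw-branch-01", "gen7", "7.0.1-5035", True),
    ("fw-hq-01", "gen7", "7.0.1-5050", True),
    ("fw-legacy-02", "gen5", "5.9.2.13-5o", False),
    ("fw-dc-03", "gen6", "6.5.4.15-116n", True),
    ("fw-dc-04", "gen6-sm9800/nssp", "6.5.2.7-1n", True),
]

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:14s} {status}")
```

The "urgent" bucket is the set of devices where the advisory's workaround (restricting management to trusted IP addresses or disabling WAN management) should be applied immediately if the patch cannot be installed right away; the "patch" bucket still needs the firmware update but is not reachable from the internet in the meantime.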
Given the critical nature of this vulnerability and the potential for exploitation, it is imperative that organizations take swift action to secure their systems.