A critical vulnerability, CVE-2024-40766, was patched by SonicWall in August 2024, but many configurations remain unfixed, leaving firewalls exposed [1]. This improper access control flaw, with a CVSS score of 9.3, affects the management interface and SSLVPN service on SonicWall's Gen 5, Gen 6, and Gen 7 firewalls running specific firmware versions. Successful exploitation can grant unauthorized access to the firewall and, under certain conditions, crash the device entirely. The vulnerability was disclosed in SonicWall's advisory SNWLID-2024-0015, which stresses that users must both update their firmware and review their configurations. Although the patch is available, many devices may still be vulnerable because their configurations were never corrected, which expands the active attack surface. This oversight poses a significant risk, so practitioners should prioritize remediation based on their own exposure and on evidence of exploitation. The practical takeaway is that security teams must act now to review and correct their SonicWall configurations, not just apply the firmware update, to prevent potential attacks.
CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)
⚡ High Priority
Why This Matters
CVE-2024-40766 disclosure expands the active attack surface — prioritize based on your exposure and exploitation evidence.
References
- SANS Internet Storm. (2026, June 23). CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration. *SANS Internet Storm*. https://isc.sans.edu/diary/rss/33094
Original Source
SANS Internet Storm