SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
Information:
SonicWall next-generation firewalls (NGFW) provide the security, control and visibility you need to maintain an effective cybersecurity posture. SonicWall’s award-winning hardware and advanced technology are built into each firewall to give you the edge on evolving threats.
SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices.
The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug.
"An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash," the company said in an advisory released last week.
Incident:
"This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
The issue has been addressed in the following versions:
- SOHO (Gen 5 Firewalls) - 5.9.2.14-13o
- Gen 6 Firewalls - 6.5.2.8-2n (for SM9800, NSsp 12400, and NSsp 12800) and 6.5.4.15.116n (for other Gen 6 Firewall appliances)
Recommendation:
Update to firmware newer than 7.0.1-5035, or to the latest firmware available.
Security systems are important, and we must continue to watch and monitor them as usual.
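As an added example (not code from SonicWall or from this bulletin), the following Python script checks a device inventory against the fixed versions listed above. It assumes that the SonicOS major version (5, 6 or 7) identifies the generation and that versions compare by their numeric fields with the trailing letter ignored; the hostnames, models and versions in the inventory are constructed sample values.

```python
import re

# Fixed versions as printed in the bulletin ("6.5.4.15.116n" kept verbatim).
FIXED_GEN5 = "5.9.2.14-13o"
FIXED_GEN6_LARGE = "6.5.2.8-2n"        # SM9800, NSsp 12400, NSsp 12800
FIXED_GEN6_OTHER = "6.5.4.15.116n"     # other Gen 6 appliances
GEN7_LAST_AFFECTED = "7.0.1-5035"      # this build and older are affected
GEN6_LARGE_MODELS = {"SM9800", "NSSP12400", "NSSP12800"}


def version_key(version):
    """Numeric fields of a SonicOS version; the trailing letter is ignored."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def assess(model, version):
    """Return 'affected', 'patched' or 'unknown' for CVE-2024-40766."""
    key = version_key(version)
    if not key:
        return "unknown"
    # Assumption: the SonicOS major version identifies the generation.
    if key[0] == 7:
        return "affected" if key <= version_key(GEN7_LAST_AFFECTED) else "patched"
    if key[0] == 6:
        large = re.sub(r"\s+", "", model).upper() in GEN6_LARGE_MODELS
        fixed = FIXED_GEN6_LARGE if large else FIXED_GEN6_OTHER
    elif key[0] == 5:
        fixed = FIXED_GEN5
    else:
        return "unknown"
    return "patched" if key >= version_key(fixed) else "affected"


# Constructed inventory: hostnames, models and versions are sample values.
INVENTORY = [
    ("fw-branch-01", "SOHO", "5.9.2.14-12o"),
    ("fw-hq-01", "NSA 2650", "6.5.4.14-109n"),
    ("fw-dc-01", "NSsp 12400", "6.5.2.8-2n"),
    ("fw-edge-01", "TZ 370", "7.0.1-5035"),
    ("fw-edge-02", "TZ 370", "7.0.1-5161"),
]


def audit(inventory):
    """Map each hostname to its assessment."""
    return {host: assess(model, ver) for host, model, ver in inventory}


if __name__ == "__main__":
    for host, status in audit(INVENTORY).items():
        print(f"{host}: {status}")
```

A version string with no build number sorts below the fixed build of the same release, so incomplete inventory data is reported as affected rather than patched.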
References:
- https://www.sonicwall.com/products/firewalls
- https://nvd.nist.gov/vuln/detail/CVE-2024-40766
- https://thehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html
Weekly Interesting CVE
NO. | CVE Name | Published Date | Last Update | Device/Application/OS Target | Attack Type | CVSS | Detail | Solution | Reference |
---|---|---|---|---|---|---|---|---|---|
1 | CVE-2024-28213 | 7/3/2024 | 22/8/2024 | nGrinder before version 3.5.9 | SQL Injection | 9.8 | This vulnerability arises from the application's acceptance of serialized Java data from unauthenticated users without proper authorization checks. This allows remote attackers to inject malicious Java code through unsafe Java object deserialization, enabling them to execute harmful code within the system. | Upgrade to version 3.5.9 | |
2 | CVE-2024-24133 | 7/2/2024 | 22/8/2024 | Atmail version 6.6.0 | SQL Injection | 9.8 | This vulnerability arises because the system does not thoroughly validate and filter the user input in the username field, allowing attackers to inject SQL code into the data sent to the database. | Upgrade to a version that fixes this issue. | |
3 | CVE-2024-8127 | 24/8/2024 | 27/8/2024 | D-Link version DNS-120, DNR-202L, DNS-315L | Command Injection | 9.8 | This vulnerability affects the cgi_unzip function of the /cgi-bin/webfile_mgr.cgi file, which is part of handling HTTP POST requests. It may lead to a Command Injection attack, allowing attackers to remotely exploit the system. | Upgrade to a version that fixes this issue. | |
4 | CVE-2024-8162 | 26/8/2024 | 27/8/2024 | TOTOLINK T10 AC1200 version 4.1.8cu.5207 | Remote Attack | 10.0 | This vulnerability occurs in the /product.ini file related to the Telnet service on the device. The username and password are hardcoded in the device or software's code, which may lead to remote exploitation. | Upgrade to a version that fixes this issue. | |
5 | CVE-2024-43336 | 26/8/2024 | 27/8/2024 | WP User Manager before version 2.9.10 | Cross-Site Request Forgery | 4.3 | The attacker creates a link or form for users logged into WP User Manager to click or submit, which could lead to attacks such as altering user account information, sending messages, or changing account settings. | Upgrade to version 2.9.10 | |
Malware News or Campaign IOC/IOA
No | Campaign Name | Detection Date | Attack Type | Description | Mitigation/Remediation |
---|---|---|---|---|---|
1 | CVE-2024-40766 SonicWall Firewall Exploit | 26/08/2024 | Unauthorized Access Vulnerability | SonicWall issued critical patches for firewalls to address a vulnerability (CVE-2024-40766). The vulnerability is an improper access control issue affecting SonicWall SonicOS management access, which could allow unauthorized access and, in some cases, cause the firewall to crash. The flaw affects SonicWall Firewall Gen 5, Gen 6, and certain Gen 7 devices running SonicOS 7.0.1-5035 and older versions. | Apply Patches: Users should update to the latest firmware versions as recommended. |
Ref: https://thehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html
13 September 2024