SonicWall patches critical firewall security flaw

Improper access control bug fixed with recent SonicWall patch

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

SonicWall has patched a critical vulnerability in itsfirewallservice which could have allowed crooks to access the underlying device.

The company released a patch and a follow-up advisory, in which it explained discovering, and fixing, an improper access control bug. The flaw is tracked as CVE-2024-40766, and carries a severity score of 9.3, which makes it critical.

“An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash,” the advisory reads.

Patches and workarounds

The company further explained that SonicWall Firewall Gen 5 and Gen 6 devices are affected by this bug. Gen 7 devices are also vulnerable, albeit those running SonicOS 7.0.1-5035 and older.

To secure the endpoints from potential break-ins, users should update their firewalls to these versions:

SOHO (Gen 5 Firewalls) - 5.9.2.14-13oGen 6 Firewalls - 6.5.2.8-2n (for SM9800, NSsp 12400, and NSsp 12800) and 6.5.4.15.116n (for other Gen 6 Firewall appliances)

The company said that the devices running SonicOS firmware version higher than 7.9.1-5035 should be safe, since the bug cannot be reproduced. However, installing the latest firmware is recommended.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Those who are unable toinstall the patchshould go for the workaround, which includes restricting firewall management access to only the people they trust. Alternatively, they can disable firewall WAN management access from all internet sources, too.

So far, there were no reports of in-the-wild abuse. However, if history is any teacher, now with the patch released and knowledge of the bug available, it’s only a matter of time before crooks start scanning the internet for vulnerable endpoints. Previously, SonicWall’s solutions were targeted by Chinese state-sponsored hackers, who devised a piece ofmalwarethat was even capable of surviving firmware updates.

ViaThe Hacker News

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

We might have our first look at the long-rumored Samsung tri-fold