September 6, 2024 at 09:18AM
SonicWall warns customers of a potential exploit in a recently patched SonicOS vulnerability (CVE-2024-40766). The vulnerability impacts Gen 5, Gen 6, and Gen 7 firewalls, allowing unauthorized access and possible crashes. They advise immediate patching and password updates to mitigate risks. There are no reports of exploitation yet.
Based on the meeting notes, here are the key takeaways:
1. SonicWall has warned customers about a recently patched vulnerability, CVE-2024-40766, which may be exploited in the wild.
2. The vulnerability impacts Gen 5, Gen 6, and Gen 7 firewalls and is described as an improper access control issue in the SonicOS management access and SSLVPN.
3. Exploiting this vulnerability can lead to unauthorized resource access and may cause the firewall to crash.
4. SonicWall has updated its advisory to inform customers that the vulnerability is potentially being exploited in the wild.
5. It is recommended that customers patch their devices as soon as possible, particularly those using GEN5 and GEN6 firewalls with SSLVPN users, who are advised to update their passwords immediately.
6. While SecurityWeek has not seen any information on attacks involving CVE-2024-40766, it is known that threat actors have exploited SonicWall product vulnerabilities in the past, including zero-days.
7. Mandiant reported identifying sophisticated malware believed to be of Chinese origin on a SonicWall appliance last year.
8. Previous reports indicated vulnerabilities in SonicWall firewalls, including DoS attacks and critical vulnerabilities in GMS and analytics products.
These takeaways provide a comprehensive summary of the meeting notes, capturing the most important information for further action and decision-making.