August 26, 2024 at 11:36AM SonicWall has released security updates to fix a critical flaw (CVE-2024-40766) in its firewalls, affecting Gen 5, Gen 6, and Gen 7 devices running certain SonicOS versions. The vulnerability could allow unauthorized access and cause the firewall to crash. Users are urged to install the latest firmware to mitigate potential … Read more
August 26, 2024 at 10:47AM SonicWall’s SonicOS is at risk due to a critical access control flaw, posing potential unauthorized resource access or firewall crash. Based on the meeting notes, it appears that SonicWall’s SonicOS is vulnerable to a critical access control flaw. This flaw could potentially allow attackers to gain unauthorized access to resources … Read more
August 26, 2024 at 09:12AM SonicWall warns about a critical vulnerability in its SonicOS network security appliances, tracked as CVE-2024-40766. The flaw could allow unauthorized access and firewall crashes. It affects SonicWall Gen 5, Gen 6, and Gen 7 firewalls, with updates available for affected versions. Customers are urged to patch their systems promptly due … Read more
January 16, 2024 at 09:39AM Over 178,000 SonicWall firewalls are susceptible to two security vulnerabilities. These flaws could lead to denial-of-service conditions and remote code execution. While there’s no evidence of exploits, a proof-of-concept for one vulnerability has been released. The cybersecurity firm warns that bad actors could use these flaws to trigger repeated crashes … Read more
January 16, 2024 at 09:12AM Report: Many SonicWall next-generation firewall devices are unpatched for critical vulnerabilities CVE-2022-22274 and CVE-2023-0656, with potential for DoS and RCE attacks. Over 178,000 vulnerable devices found, and new PoC exploits developed. Recommendations include applying patches immediately due to known exploitation in malicious attacks. Key Takeaways from Meeting Notes: – Cybersecurity … Read more
December 13, 2023 at 05:42AM UK-based cybersecurity firm Sophos announced patches for a critical code injection vulnerability in Firewall versions 19.0 MR1 and older, giving attackers the ability to execute remote code. The company also warned of a new exploit and urged organizations to update to supported versions to mitigate the risk. Additionally, patches have … Read more
October 10, 2023 at 06:06PM Microsoft’s October Patch Tuesday update addressed two zero-day vulnerabilities that were actively being attacked, affecting Microsoft WordPad and Skype for Business. A critical-rated bug in Message Queuing was also patched. The update included a total of 103 CVEs, with 13 critical-rated vulnerabilities and 20% of the fixes related to Microsoft … Read more