{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-089.pdf"
    },
    "title": "Critical Vulnerability in SonicWall SonicOS",
    "serial_number": "2024-089",
    "publish_date": "27-08-2024 08:04:41",
    "description": "On August 23, 2024, SonicWall issued a security advisory regarding a critical access control vulnerability (CVE-2024-40766) in its SonicOS. This flaw could allow attackers to gain unauthorised access to resources or cause the firewall to crash. <br>\nIt is recommended to update as soon as possible. <br>\n",
    "url_title": "2024-089",
    "content_markdown": "---\ntitle: 'Critical Vulnerability in SonicWall SonicOS'\nnumber: '2024-089'\nversion: '1.0'\noriginal_date: 'August 23, 2024'\ndate: 'August 26, 2024'\n---\n\n_History:_\n\n* _26/08/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn August 23, 2024, SonicWall issued a security advisory regarding a critical access control vulnerability (**CVE-2024-40766**) in its SonicOS. This flaw could allow attackers to gain unauthorised access to resources or cause the firewall to crash [1].\n\nIt is recommended to update as soon as possible.\n\n# Technical Details\n\nThe vulnerability `CVE-2024-40766`, with a CVSS score of 9.3, is caused by improper access control in the SonicOS management interface, potentially leading to unauthorised access and firewall crashes [2].\n\n# Affected Products\n\n- Gen 5: SOHO devices running version 5.9.2.14-12o and older;\n- Gen 6: TZ, NSA, and SM models running versions 6.5.4.14-109n and older;\n- Gen 7: TZ and NSA models running SonicOS build version 7.0.1-5035 and older.\n\n# Recommendations\n\nCERT-EU recommends updating to the latest firmware versions immediately. It is also strongly advised to restrict firewall management access to trusted sources only, or to disable WAN management access from the internet.\n\n# References\n\n[1] <https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-access-control-flaw-in-sonicos/>\n\n[2] <https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015>",
    "content_html": "<p><em>History:</em></p><ul><li><em>26/08/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On August 23, 2024, SonicWall issued a security advisory regarding a critical access control vulnerability (<strong>CVE-2024-40766</strong>) in its SonicOS. This flaw could allow attackers to gain unauthorised access to resources or cause the firewall to crash [1].</p><p>It is recommended to update as soon as possible.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability <code>CVE-2024-40766</code>, with a CVSS score of 9.3, is caused by improper access control in the SonicOS management interface, potentially leading to unauthorised access and firewall crashes [2].</p><h2 id=\"affected-products\">Affected Products</h2><ul><li>Gen 5: SOHO devices running version 5.9.2.14-12o and older;</li><li>Gen 6: TZ, NSA, and SM models running versions 6.5.4.14-109n and older;</li><li>Gen 7: TZ and NSA models running SonicOS build version 7.0.1-5035 and older.</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends updating to the latest firmware versions immediately. It is also strongly advised to restrict firewall management access to trusted sources only, or to disable WAN management access from the internet.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-access-control-flaw-in-sonicos/\">https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-access-control-flaw-in-sonicos/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015\">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}