SonicWall Confirms No Zero-Day Used in Attacks

share
Header image

SonicWall Confirms No Zero-Day Used in Attacks

share

Vulnerabiity currently being exploited was addressed a year ago.


SonicWall has issued a statement about recent activity related to its Gen 7 firewalls. 

In an email to SC UK, SonicWall said based on its investigation, it has “high confidence that this activity is related to CVE-2024-40766, which was previously disclosed and documented in our public advisory SNWLID-2024-0015.” The company was keen to point out that this is not a new zero-day or unknown vulnerability.

That flaw was reported and published a year ago, and is an “improper access control vulnerability” in the SonicWall SonicOS management access, potentially leading to unauthorised resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

The issue came about after it actively investigated a recent increase in reported cyber incidents involving a number of Gen 7 firewalls running various firmware versions with SSLVPN enabled.

Legacy Credential Use

Saying there are only 40 confirmed cases, which “appears to be linked to legacy credential use during migrations from Gen 6 to Gen 7 firewalls,” SonicWall has issued updated guidance, including steps to change credentials and upgrade to SonicOS 7.3.0, which includes enhanced MFA protections. 

Its statement continued: “Since the initial discovery, SonicWall has taken a proactive approach to ensure transparency and protection for our community. We’ve directly notified affected customers and partners, published detailed mitigation guidance, and shared updates through our official channels, including a live knowledge base (KB) article.”



Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Network SecurityVulnerabilities and Flaws Published: 7 August Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Upcoming Events

No events found.

Related content

Iran and the New CNI Threat

Iran and the New CNI Threat

 Vulnerability Management and the AI Challenge

Vulnerability Management and the AI Challenge

 Identity-Based Attacks: The Threat and How to Mitigate It

Identity-Based Attacks: The Threat and How to Mitigate It
Critical Apache Struts 2 bug could enable data theft, SSRF intrusions

Critical Apache Struts 2 bug could enable data theft, SSRF intrusions

 The 4 Worst Vulnerabilities of 2025 – And How To Boost Patch Management in 2026

The 4 Worst Vulnerabilities of 2025 – And How To Boost Patch Management in 2026

 Critical Citrix NetScaler Flaw Threatens Over 28k Instances

Critical Citrix NetScaler Flaw Threatens Over 28k Instances
Preparing Network Convergence for Security Consolidation

Preparing Network Convergence for Security Consolidation