Description

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

INFO

Published Date :

2024-08-23T06:19:07.229Z

Last Modified :

2025-10-21T22:55:46.444Z

Source :

sonicwall
AFFECTED PRODUCTS

The following products are affected by CVE-2024-40766 vulnerability.

Vendors Products
Sonicwall
  • Nsa 2650
  • Nsa 2700
  • Nsa 3600
  • Nsa 3650
  • Nsa 3700
  • Nsa 4600
  • Nsa 4650
  • Nsa 4700
  • Nsa 5600
  • Nsa 5650
  • Nsa 5700
  • Nsa 6600
  • Nsa 6650
  • Nsa 6700
  • Nssp 10700
  • Nssp 11700
  • Nssp 12400
  • Nssp 12800
  • Nssp 13700
  • Sm9800
  • Sm 9200
  • Sm 9250
  • Sm 9400
  • Sm 9450
  • Sm 9600
  • Sm 9650
  • Soho
  • Soho 250
  • Soho 250w
  • Sohow
  • Sonicos
  • Tz270
  • Tz270w
  • Tz370
  • Tz370w
  • Tz470
  • Tz470w
  • Tz570
  • Tz570p
  • Tz570w
  • Tz670
  • Tz 300
  • Tz 300p
  • Tz 300w
  • Tz 350
  • Tz 350w
  • Tz 400
  • Tz 400w
  • Tz 500
  • Tz 500w
  • Tz 600
  • Tz 600p
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-40766.

URL Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-40766 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact