Security update: Attacks on Sonicwall firewalls can trigger a crash
To protect company networks, administrators should update their Sonicwall firewalls promptly.
(Image: JLStock/Shutterstock.com)
Attackers can exploit a vulnerability in Sonicwall firewalls and cause devices to crash. So far there are no reports of ongoing attacks, but Sonicwall advises admins to update quickly.
Security problem
In a warning message, the developers write that the vulnerability (CVE-2024-40766) is classified as"high". The vulnerability specifically affects the management access of SonicOS and threatens firewalls of the Gen5, Gen6 and Gen7 series. However, Gen7 is only threatened up to and including the now obsolete SonicOS version 7.0.1-5035. Admins should therefore ensure that they have installed an up-to-date SonicOS version on devices of this generation.
Videos by heise
Because the access control does not function correctly due to the vulnerability, attackers can cause firewalls to crash under certain, unspecified conditions. The developers are not currently explaining in detail how such attacks could take place.
Patch now!
To protect networks, admins must install the secured versions 5.9.2.14-13o, 6.5.2.8-2n (for SM9800, NSsp 12400, NSsp 12800) or 6.5.4.15.116n (for all other Gen6 firewalls). Sonicwall lists the specific firewall models affected in an article.
Admins should also ensure that access to the management interface is restricted. In particular, the far-reaching admin access should only be active for selected users for security reasons. Sonicwall explains how this can be configured in a support article. In addition, the management interface should preferably not be accessible from the Internet in order to reduce the attack surface.
(des)
