Security updates: Attackers can paralyze Sonicwall firewalls
Some Sonicwall firewalls are vulnerable. Attacks could be imminent.
(Image: JLStock/Shutterstock.com)
If attackers successfully exploit a vulnerability in various Sonicwall firewall models, they can, in the worst case, take devices out of service. Protected versions are available for download.
Themanufacturer lists the affected Gen6 and Gen7 models in a post. These include NSv10 and TZ270, which state that they have closed the vulnerability (CVE-2024-40764"high") in versions 6.5.4.v-21s-RC2457, 7.0.1-5161, 7.1.1-7058 and 7.1.2-7019.
The vulnerability is said to affect the SonicOS IPSec component. A remote attacker could use this component without authentication to carry out a DoS attack. So far there are no reports of ongoing attacks.
(des)
