CVE-2024-40766
Essential information
- Published
- 09/09/2024 02:00
- Modified
- 21/12/2025 07:17
- Author
- Cybersecurity and Infrastructure Security Agency
- Creator
- Cybersecurity and Infrastructure Security Agency
- CVSS
- 9.8 CRITICAL (v3.1)
- CISA KEV
- Yes
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:N/C:H/I:H/A:H—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- Network
- Attack complexity
- LOW
- Privileges required
- NONE
- User interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality impact
- High
- Integrity impact
- High
- Availability impact
- High
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
NVD status
- Status
- Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| sonicwall / sonicos | cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* |
| sonicwall / soho | cpe:2.3:h:sonicwall:soho:-:*:*:*:*:*:*:* |
| sonicwall / sonicos | cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* |
| sonicwall / nssp 12400 | cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:* |
| sonicwall / nssp 12800 | cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:* |
| sonicwall / sm9800 | cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:* |
| sonicwall / sonicos | cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* |
| sonicwall / nsa 2650 | cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* |
| sonicwall / nsa 3600 | cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* |
| sonicwall / nsa 3650 | cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* |
| sonicwall / nsa 4600 | cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* |
| sonicwall / nsa 4650 | cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* |
| sonicwall / nsa 5600 | cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* |
| sonicwall / nsa 5650 | cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* |
| sonicwall / nsa 6600 | cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* |
| sonicwall / nsa 6650 | cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* |
| sonicwall / sm 9200 | cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* |
| sonicwall / sm 9250 | cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* |
| sonicwall / sm 9400 | cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* |
| sonicwall / sm 9450 | cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* |
| sonicwall / sm 9600 | cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* |
| sonicwall / sm 9650 | cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* |
| sonicwall / soho 250 | cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* |
| sonicwall / soho 250w | cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* |
| sonicwall / sohow | cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* |
| sonicwall / tz 300 | cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* |
| sonicwall / tz 300p | cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* |
| sonicwall / tz 300w | cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* |
| sonicwall / tz 350 | cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* |
| sonicwall / tz 350w | cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:* |
| sonicwall / tz 400 | cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* |
| sonicwall / tz 400w | cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* |
| sonicwall / tz 500 | cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* |
| sonicwall / tz 500w | cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* |
| sonicwall / tz 600 | cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* |
| sonicwall / tz 600p | cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* |
| sonicwall / sonicos | cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* |
| sonicwall / nsa 2700 | cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:* |
| sonicwall / nsa 3700 | cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:* |
| sonicwall / nsa 4700 | cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:* |
| sonicwall / nsa 5700 | cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:* |
| sonicwall / nsa 6700 | cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:* |
| sonicwall / nssp 10700 | cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:* |
| sonicwall / nssp 11700 | cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:* |
| sonicwall / nssp 13700 | cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:* |
| sonicwall / tz270 | cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* |
| sonicwall / tz270w | cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* |
| sonicwall / tz370 | cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* |
| sonicwall / tz370w | cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* |
| sonicwall / tz470 | cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* |
| sonicwall / tz470w | cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* |
| sonicwall / tz570 | cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* |
| sonicwall / tz570p | cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* |
| sonicwall / tz570w | cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* |
| sonicwall / tz670 | cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* |