Advisory 99: CVE-2024-40766 - SonicOS improper Access Control Vulnerability
Release Date: 10th of September 2025
Impact: HIGH / CRITICAL
TLP Rating: Clear
CERT Vanuatu (CERTVU) and the Department of Communication and Digital Transformation (DCDT) provide the following advisory.
This alert is relevant to Organizations and individuals that utilize the above products. This alert is intended to be understood by technical users and systems administrators.
What is it?
An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN interfaces. It can lead to unauthorized resource access and, under specific conditions, cause the firewall to crash.
What are the Systems affected?
This vulnerability affects SonicWall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
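As an added example (not part of this advisory), the following Python helper applies the affected-version rule stated above to a device inventory: Gen 5 and Gen 6 devices are treated as affected regardless of version, and Gen 7 devices are affected when running SonicOS 7.0.1-5035 or older. The hostnames and version strings in the sample inventory are constructed, and hardware generations other than 5, 6 and 7 are assumed to be out of scope; confirm exact fixed builds against the vendor advisory before closing a finding.

```python
import re
from typing import Iterable, List, Tuple

# Threshold taken from the advisory text: Gen 7 devices running
# SonicOS 7.0.1-5035 and older are affected. Newer builds are treated
# as not affected here (assumption; verify against the vendor advisory).
GEN7_MAX_AFFECTED = "7.0.1-5035"

# Gen 7 version strings have the form major.minor.patch-build.
_GEN7_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")


def parse_sonicos_version(version: str) -> Tuple[int, ...]:
    """Turn a Gen 7 SonicOS version such as '7.0.1-5035' into a comparable tuple.

    Tuples compare field by field, so a lower minor/patch number is "older"
    even when its build number is higher (7.0.0-6000 is older than 7.0.1-5035).
    Raises ValueError for strings that do not match the expected form.
    """
    match = _GEN7_VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised SonicOS version string: {version!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(generation: int, version: str) -> bool:
    """Return True if the device is inside the advisory's affected range."""
    if generation in (5, 6):
        # Gen 5 and Gen 6 are listed as affected on all versions, so the
        # (differently formatted) Gen 6 version string is not parsed.
        return True
    if generation == 7:
        return parse_sonicos_version(version) <= parse_sonicos_version(GEN7_MAX_AFFECTED)
    # Assumption: other generations are out of scope for CVE-2024-40766.
    return False


def triage_inventory(inventory: Iterable[Tuple[str, int, str]]) -> List[str]:
    """Return the hostnames that still need the upgrade from the mitigation steps."""
    return [host for host, generation, version in inventory if is_affected(generation, version)]


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = [
    ("fw-branch-01", 6, "6.5.4.15-116n"),  # Gen 6: affected regardless of version
    ("fw-hq-01", 7, "7.0.1-5035"),         # Gen 7 at the threshold build: affected
    ("fw-dc-01", 7, "7.1.1-7040"),         # Gen 7 newer than threshold: not affected
    ("fw-lab-01", 7, "7.0.0-6000"),        # Gen 7 older minor, higher build: affected
]

if __name__ == "__main__":
    print("Devices needing upgrade:", triage_inventory(SAMPLE_INVENTORY))
```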
What does this mean?
How attackers could exploit this vulnerability.
- Unauthorized access via improper access controls: the vulnerability enables unauthenticated attackers to circumvent access controls and gain unauthorized access to the device.
- Ransomware deployment (notably Akira): once inside via compromised SSL VPN access, attackers, in particular affiliates of the Akira ransomware group, have used this entry point to launch ransomware or carry out data exfiltration.
Mitigation process
- Upgrade affected devices to the latest patched version. Details of the fixed versions are available in the SonicWall CVE-2024-40766 Security Advisory listed in the References below.
- Password update for local users: SonicWall strongly recommends that all users of Gen 5 and Gen 6 firewalls with locally managed SSLVPN accounts immediately update their passwords to enhance security and prevent unauthorized access.
Read more: Gen7 and newer SonicWall Firewalls - SSLVPN threat activity.
References
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015