CVE-2024-40766
CVSS Score
V3.1
EPSS Score
v2025.03.14
There is an 18.3% chance that this vulnerability will be exploited in the wild within the next 30 days.
Description
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
References
Advisory provided by GitHub Security Advisory Database. Published: August 23, 2024, Modified: September 6, 2024
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
SONICWALL -- Repost, but just in case.... On August 5th, Sophos Managed Detection and Response (MDR) released an initial security advisory warning of potential zero-day exploitation in SonicWall SSLVPNs. Since then, new information has been provided by SonicWall. There have also been additional findings from Sophos' continued investigation into these …
SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a significant correlation with threat... **CVEs:** CVE-2024-40766 **Source:** https://www.helpnetsecurity.com/2025/08/07/sonicwall-gen-7-firewalls-exploit-vulnerability/
SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an older, now-patched bug and password reuse. "We now have high confidence that the recent SSL …
Security Watch 8/8/25 On K12TechPro, we've launched a weekly cyber threat intelligence and vulnerability newsletter with NTP and K12TechPro. We'll post the "public" news to k12sysadmin from each newsletter. For the full "k12 techs only" portion (no middle schoolers, bad guys, vendors, etc. allowed), log into [k12techpro.com](http://k12techpro.com) and visit the …
Sonicwall vulnerability current documentation + reports
Summary of the blog posts about the latest threat for reading. Sonicwall has published recommended remediation steps:
* Update firmware to version 7.3.0, which includes enhanced protections against brute force attacks and additional MFA controls.
* **7.3 has a known issue with SNMP traps …
SonicWall SSL VPN Update - August 6 We wanted to circle back with the community and share where things stand regarding the recent action involving Gen 7 SonicWall firewalls with SSLVPN enabled. After a thorough investigation, we now have high confidence that this activity is not the result of a …
SonicWall Walks Back Zero Day notice on SSLVPN Here is a copy & paste of the email I just received: SonicWall® Product Notification Following our earlier communications, we want to share an important update on our ongoing investigation into the recent cyber activity involving Gen 7 and newer firewalls with …
sonicwall zero-day update (2:30pm 8/6)
https://www.sonicwall.com/support/notices/gen-7-and-newer-sonicwall-firewalls-sslvpn-recent-threat-activity/250804095336430
*We now have high confidence that the recent SSLVPN activity is* ***not connected to a zero-day vulnerability****. Instead, there is a significant correlation with threat activity related to CVE-2024-40766, which was previously disclosed and documented in our public advisory* [SNWLID-2024-0015](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015)*.* *We are currently investigating …