SonicWall Releases New Security Advisory - 20240722003¶
Overview¶
SonicWall has issued a security advisory which includes fixes for multiple products relating to a heap-based buffer overflow vulnerability in the SonicOS IPSec, which allows an unauthenticated remote attacker to cause Denial of Service (DoS).
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
|---|---|---|---|---|
| Gen6 - Multiple Platforms | 6.5.4.4-44v-21-2395 and older versions | CVE-2024-40764 | TBD | TBD |
| Gen7 - Multiple Platforms | 7.0.1-5151 and older versions 7.1.1-7051 and older versions | CVE-2024-40764 | TBD | TBD |
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 1 month... (refer [Patch Management](../guidelines/patch-management.
- SonicWall Security Advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012