Threat Intelligence / CVE / CVE-2024-40766

CVE-2024-40766

CISA KEVRansomware

CVSS 9.3 (CRITICAL) · EPSS 3.5% · Published 2024-08-23

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

Weaknesses (CWE)

CWE-284

Threats tracking this CVE

Akira Ransomware Kill Chain — SSLVPN Credential Stuffing → Kerberoasting → RDP Lateral → vssadmin Shadow Copy Deletion (SANS ISC Forensic Reconstruction, May 2026) — HIGH

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015

Full detection coverage & IOCs for threats exploiting CVE-2024-40766 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence