CVE-2024-40765

🗓️ 09 Jan 2025 07:12:40Reported by sonicwallType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 54 Views

Integer buffer overflow in SonicOS via IPSec can cause DoS and remote code execution.

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability in the implementation of IPSec protocols on the SonicOS operating system allows a attacker to trigger a Denial-of-Service attack (DoS) or execute arbitrary code.	13 Jan 202500:00	–	bdu_fstec
Circl	CVE-2024-40765	7 Jan 202512:38	–	circl
CNNVD	SonicWALL SonicOS 安全漏洞	9 Jan 202500:00	–	cnnvd
CNVD	Unspecified Vulnerability in SonicWall SonicOS (CNVD-2025-01662)	10 Jan 202500:00	–	cnvd
Cvelist	CVE-2024-40765	9 Jan 202507:12	–	cvelist
NVD	CVE-2024-40765	9 Jan 202508:15	–	nvd
Positive Technologies	PT-2025-1025 · Sonicwall · Sonicos	7 Jan 202500:00	–	ptsecurity
SonicWall	Integer-Based Buffer Overflow Vulnerability In SonicOS via IPSec	7 Jan 202511:40	–	sonicwall
Vulnrichment	CVE-2024-40765	9 Jan 202507:12	–	vulnrichment

Vulners

Node

sonicwall sonicosRange≤6.5.4.4-44v-21-2395

sonicwall sonicosRange≤7.0.1-5151

sonicwall sonicosRange≤7.1.1-7051

AND

sonicwall gen6_nsv

sonicwall gen7_hardware

sonicwall gen7_nsv

[
  {
    "defaultStatus": "unknown",
    "platforms": [
      "Gen6 NSv",
      "Gen7 Hardware",
      "Gen7 NSv"
    ],
    "product": "SonicOS",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "6.5.4.4-44v-21-2395 and older versions"
      },
      {
        "status": "affected",
        "version": "7.0.1-5151 and older versions"
      },
      {
        "status": "affected",
        "version": "7.1.1-7051 and older versions"
      }
    ]
  }
]

Source	Link
psirt	www.psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0013

17 Jun 2026 07:46Current

7.9High risk

Vulners AI Score7.9

CVSS 3.19.8

EPSS0.00786

SSVC

CWE-190