Lucene search
+L

7 matches found

The Hacker News
The Hacker News
added 2025/08/07 10:32 a.m.12 views

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an older, now-patched bug and password reuse. "We now have high confidence that the recent SSL VPN activity is not connected to a zero-day vulnerability," the compan...

9.8CVSS9.6AI score0.15593EPSS
Exploits0
Talos Blog
Talos Blog
added 2024/10/21 4:50 p.m.62 views

Akira ransomware continues to evolve

Akira continues to cement its position as one of the most prevalent ransomware operations in the threat landscape, according to Cisco Talos' findings and analysis. Their success is partly due to the fact that they are constantly evolving. For example, after Akira already developed a new version o...

9.8CVSS10AI score0.97591EPSS
Exploits11
Rapid7 Blog
Rapid7 Blog
added 2024/09/09 6:38 p.m.46 views

CVE-2024-40766: Critical Improper Access Control Vulnerability Affecting SonicWall Devices

On August 22, 2024, security firm SonicWall published an advisory on CVE-2024-40766, a critical improper access control vulnerability affecting SonicOS, the operating system that runs on the company’s physical and virtual firewalls. While CVE-2024-40766 was not known to be exploited in the wild a...

9.8CVSS9.7AI score0.15593EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/26 2:33 p.m.26 views

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 CVSS score: 9.3, has been described as an improper access contr...

7.2AI score0.15593EPSS
Exploits0
CVE
CVE
added 2024/08/23 6:19 a.m.494 views

CVE-2024-40766

CVE-2024-40766 affects SonicWall SonicOS on Gen5/Gen6 and Gen7 (SonicOS ≤ 7.0.1-5035) with improper access control in management access and SSLVPN, enabling unauthorized resource access and, in some cases, a firewall crash. Public sources confirm exploitation activity in the wild (CISA KEV catalo...

9.8CVSS6.7AI score0.15593EPSS
In wildExploits0References2Affected Software1
Circl
Circl
added 2024/08/23 4:0 a.m.10 views

CVE-2024-40766

creationtimestamp| type| source ---|---|--- 2024-08-23 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1358 2024-08-23 09:36:13+00:00| seen| https://t.me/cvedetector/3978 2024-08-24 09:50:28+00:00| seen| https://t.me/HackingInsights/11135 2024-08-26 17:55:36+00:00| seen|...

9.8CVSS7.1AI score0.15593EPSS
Exploits0References121
SonicWall
SonicWall
added 2024/08/22 6:43 p.m.7 views

SonicOS Improper Access Control Vulnerability

An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Gen 5 and Gen 6 devices, as well as Gen 7...

9.3CVSS9.7AI score0.15593EPSS
Exploits0
Rows per page
Query Builder