Skip to content

SonicOS Vulnerability – SNWLID-2024-0012

| 2024-07-19 15:46:22 | By

In a recent security update, SonicWall has added a new vulnerability, identified as SNWLID-2024-0012, to its Known Exploited Vulnerabilities Catalog. This vulnerability, tracked as CVE-2024-40764, affects the Gen 6 NSv and Gen 7 Firewalls series products. Here's what you need to know to ensure your network's security.

Understanding the Vulnerability

The issue at hand is a heap-based buffer overflow vulnerability within the SonicOS IPSec VPN. This vulnerability can potentially allow an unauthenticated remote attacker to cause a Denial of Service (DoS) attack. The vulnerability impacts the following devices:

Gen 6 NSv Series:

  • NSv10, NSv25, NSv50, NSv100, NSv200, NSv300, NSv400, NSv800, NSv1600 (if running 6.5.4.4-44v-21-2395 and older versions)

Gen 7 Series:

  • TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700, NSv 270, NSv 470, NSv 870 (if running 7.0.1-5151 and older versions or 7.1.1-7051 and older versions)
SonicWall's Response
SonicWall's Product Security Incident Response Team (PSIRT) has recognized the issue and provided guidelines for upgrading the affected devices. Although there is no current evidence of these vulnerabilities being exploited in the wild, SonicWall strongly recommends that users of the affected products upgrade to the specified fixed release versions to safeguard their networks.

Patched Versions
SonicWall has released patched firmware versions to address this vulnerability. The recommended versions are:
Gen 6 NSv Series:
  • Patched Version: 6.5.4.v-21s-RC2457
Gen 7 Series:
  • Patched Versions: 7.0.1-5161, 7.1.1-7058, and 7.1.2-7019
Logically advises to upgrade all Gen 7 devices to version 7.0.1-5161 to ensure maximum security and availability.

Steps to Protect Your Network

If you are a Managed Service Customer with an active support agreement with Logically, we are working diligently to create a service ticket for affected devices to patch firmware to a non-affected version.  If you are not a customer, we recommend the following:

  1. Identify Affected Devices: Check if your devices are running the affected firmware versions listed above.
  2. Schedule Upgrades: Plan a maintenance window to upgrade your devices to the patched versions. This process involves a reboot and will temporarily disrupt network availability, so scheduling is crucial to minimize downtime.
  3. Contact Support: For assistance with the upgrade process, reach out to your support provider or SonicWall's help desk.

Please also note that Logically can assist with the upgrade process under a billable rate for non-managed Firewall customers.

Conclusion
Staying ahead of security vulnerabilities is critical to protecting your network. By promptly upgrading to the recommended firmware versions, you can mitigate the risks associated with SNWLID-2024-0012. SonicWall and Logically are here to assist you in this process to ensure your network remains secure and resilient. To discuss how Logically can support your security strategy, or to address any concerns about this incident, please do not hesitate to contact us.

Related Articles

Fortinet VPN Zero Day

Fortinet VPN Zero Day

CrowdStrike Outage

CrowdStrike Outage

Duo Security Incident

Duo Security Incident

View All Articles

We are committed to providing you with the best IT service and security possible.