SonicWall has disclosed a critical heap-based buffer overflow vulnerability in SonicOS IPSec VPN, identified as CVE-2024-40764, which can allow remote attackers to cause a DoS condition.
The vulnerability has a CVSS v3 score of 7.5, indicating high severity.
CVE-2024-40764
The vulnerability, affecting multiple versions of SonicWall’s Gen6 and Gen7 platforms, was disclosed on July 17, 2024. SonicWall has provided a workaround and is developing a patch.
| Field | Value |
| --- | --- |
| Advisory ID | SNWLID-2024-0012 |
| First Published | 2024-07-17 |
| Last Updated | 2024-07-17 |
| Workaround | True |
| Status | Applicable |
| CVE | CVE-2024-40764 |
| CWE | CWE-122 |
| CVSS v3 | 7.5 |
| CVSS Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
The heap-based buffer overflow in SonicOS IPSec VPN allows an unauthenticated remote attacker to cause a DoS condition.
This could disrupt services and cause significant operational downtime for affected organizations.
Affected Products
The vulnerability affects various SonicWall products across multiple versions. Below is a detailed list of the impacted platforms and their respective versions:
| Impacted Platforms | Impacted Version |
| --- | --- |
| Gen6 NSv – NSv10, NSv25, NSv50, NSv100, NSv200, NSv300, NSv400, NSv800, NSv1600 | 6.5.4.4-44v-21-2395 and older versions |
| Gen7 – TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700, NSv 270, NSv 470, NSv 870 | 7.0.1-5151 and older versions, 7.1.1-7051 and older versions |
To mitigate this vulnerability, SonicWall recommends restricting inbound IPSec VPN access to trusted sources or disabling IPSec VPN access from the internet until the official patch is applied.
Organizations should contact SonicWall Technical Support for assistance in implementing these measures.
SonicWall has released fixed versions for the affected platforms. Below is a list of the fixed platforms and their respective versions:
Fixed Platforms And Versions
| Fixed Platforms | Fixed Version |
| --- | --- |
| Gen6 NSv – NSv10, NSv25, NSv50, NSv100, NSv200, NSv300, NSv400, NSv800, NSv1600 | 6.5.4.v-21s-RC2457 |
| Gen7 – TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700, NSv 270, NSv 470, NSv 870 | 7.0.1-5161, 7.1.1-7058, 7.1.2-7019 |
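For fleet triage, the Gen7 rows of the impacted and fixed version tables can be turned into a firmware check. The Python below is an added example, not SonicWall's code: the function names and the sample inventory are constructed, and it assumes firmware strings of the form `7.0.1-5151`. Anything the tables do not decide (Gen6 NSv strings, builds between the listed values, unlisted newer branches) is returned as `verify` for manual review.

```python
import re

# Gen7 thresholds copied from the advisory tables on this page:
# branch -> (last affected build, first fixed build); None = not listed.
GEN7 = {(7, 0, 1): (5151, 5161), (7, 1, 1): (7051, 7058), (7, 1, 2): (None, 7019)}
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)-(\d+)")

def classify(firmware: str) -> str:
    """Return 'affected', 'fixed' or 'verify' for a SonicOS firmware string."""
    m = VERSION_RE.fullmatch(firmware.strip())
    if not m:
        return "verify"  # e.g. Gen6 NSv strings, which use another format
    major, minor, patch, build = map(int, m.groups())
    branch = (major, minor, patch)
    if major != 7:
        return "verify"
    if branch in GEN7:
        last_affected, first_fixed = GEN7[branch]
        if build >= first_fixed:
            return "fixed"
        if last_affected is not None and build <= last_affected:
            return "affected"
        return "verify"  # build lies between the two values the page lists
    # Assumption: an unlisted branch below 7.1.1 falls under "and older
    # versions"; an unlisted newer branch is not covered by the page.
    return "affected" if branch < (7, 1, 1) else "verify"

def triage(inventory):
    """Group (hostname, firmware) pairs by classification."""
    groups = {"affected": [], "fixed": [], "verify": []}
    for host, firmware in inventory:
        groups[classify(firmware)].append(host)
    return groups

# Constructed sample inventory (hostnames are made up).
SAMPLE = [
    ("fw-branch-01", "7.0.1-5145"),
    ("fw-branch-02", "7.0.1-5161"),
    ("fw-hq-01", "7.1.1-7051"),
    ("fw-hq-02", "7.1.2-7019"),
    ("fw-lab-01", "7.0.1-5155"),
    ("nsv-cloud-01", "6.5.4.4-44v-21-2395"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status:9} {', '.join(hosts)}")
```

Hosts in the `affected` group are the ones to put behind the IPSec VPN access restriction described above until they are upgraded.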