SonicWall Patches Unauthenticated DoS Flaw (CVE-2024-40764) in SonicOS IPSec VPN

SonicWall, a leading cybersecurity provider, has issued a security patch to address a heap-based buffer overflow vulnerability in its SonicOS operating system. This vulnerability, identified as CVE-2024-40764 with a CVSS score of 7.5, could allow unauthenticated attackers to launch denial-of-service (DoS) attacks on vulnerable devices.

The Threat

The vulnerability resides within the SonicOS IPSec VPN implementation, leaving numerous SonicWall appliances susceptible. Attackers could exploit this flaw by sending specially crafted packets, causing affected devices to crash and become temporarily unavailable.

Who Is Affected?

A wide range of SonicWall devices running older versions of SonicOS are at risk, including:

  • Gen 6 NSv Series (NSv10, NSv25, NSv50, etc.) with firmware versions 6.5.4.4-44v-21-2395 and older
  • Gen 7 devices (TZ270, TZ370, TZ470, etc.) with firmware versions 7.0.1-5151 and older
  • NSa Series (NSa 2700, NSa 3700, etc.), NSsp Series (NSsp 10700, NSsp 11700, etc.), and NSv Series (NSv 270, NSv 470, etc.) with firmware versions 7.1.1-7051 and older

Patch Now!

SonicWall has released patched firmware versions to address the CVE-2024-40764 vulnerability:

  • Gen 6 NSv Series: 6.5.4.v-21s-RC2457
  • Gen 7 devices: 7.0.1-5161
  • NSa, NSsp, and NSv Series: 7.1.1-7058 and 7.1.2-7019

Organizations and individuals using affected SonicWall devices are strongly advised to apply these updates immediately to protect themselves from potential DoS attacks.
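To triage an inventory against the version lists above, the following added example (not SonicWall code) classifies Gen 7 firmware strings of the form `X.Y.Z-build`. It assumes the listed versions can be compared per release (7.0.1, 7.1.1, 7.1.2) by build number; the hostnames, the sample inventory and the `classify`/`triage` helpers are constructed for illustration. Anything it cannot place with certainty, including the Gen 6 NSv version strings, is returned as `review` for a manual check.

```python
import re

# Thresholds copied from the advisory text above (Gen 7 version format only).
AFFECTED_MAX = [(7, 0, 1, 5151), (7, 1, 1, 7051)]            # "... and older"
FIXED = [(7, 0, 1, 5161), (7, 1, 1, 7058), (7, 1, 2, 7019)]  # patched releases

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")

def parse(version):
    """Return (major, minor, patch, build), or None for any other format."""
    m = _VERSION.match(version.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def classify(version):
    """Return 'affected', 'patched' or 'review' for one firmware string."""
    v = parse(version)
    if v is None or v[0] != 7:
        return "review"        # e.g. Gen 6 NSv strings: compare by hand
    release, build = v[:3], v[3]
    if any(release == f[:3] and build >= f[3] for f in FIXED):
        return "patched"
    if any(release == a[:3] and build <= a[3] for a in AFFECTED_MAX):
        return "affected"
    if release < min(a[:3] for a in AFFECTED_MAX):
        return "affected"      # older than every release the advisory lists
    return "review"            # build or release the advisory does not cover

def triage(inventory):
    """Group (hostname, firmware) pairs by classification."""
    result = {"affected": [], "patched": [], "review": []}
    for host, firmware in inventory:
        result[classify(firmware)].append(host)
    return result

# Constructed sample inventory; hostnames are placeholders.
SAMPLE_INVENTORY = [
    ("fw-branch-01", "7.0.1-5151"),
    ("fw-branch-02", "7.0.1-5161"),
    ("fw-dc-01", "7.1.1-7040"),
    ("fw-dc-02", "7.1.2-7019"),
    ("fw-lab-01", "7.0.1-5155"),
    ("nsv-cloud-01", "6.5.4.4-44v-21-2395"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```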

Temporary Mitigation

While patching is the most effective solution, SonicWall also recommends restricting inbound IPSec VPN access to trusted sources or temporarily disabling IPSec VPN access from the internet until patches are applied.