SonicWall confirms that recent ransomware attacks on its Gen 7 firewalls are linked to a previously disclosed and patched defect, not a zero-day vulnerability. Experts are still uncertain if other vulnerabilities or misconfigurations contribute to the ongoing attacks, which primarily involve Akira ransomware affiliates. #CVE-2024-40766 #SonicWall #Akira
Keypoints
- SonicWall states the attacks are related to a known vulnerability, CVE-2024-40766, not a new zero-day.
- Fewer than 40 organizations have been affected, mostly those recently migrating to Gen 7 firewalls.
- Many impacted customers had already applied the patch for CVE-2024-40766 when attacked.
- Threat actors, primarily Akira ransomware affiliates, exploit these vulnerabilities for extortion and data theft.
- SonicWall recommends updating to SonicOS 7.3.0 and changing credentials to enhance security.
Read More: https://cyberscoop.com/sonicwall-firewall-attacks-old-vulnerability/