PT-2024-5748 · SonicWall · SonicOS

Published

2024-08-22

·

Updated

2025-09-17

·

CVE-2024-40766

CVSS v3.1
9.8
Vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

SonicWall SonicOS versions prior to 7.3.0 (Gen 5 and Gen 6 devices, and Gen 7 devices running SonicOS 7.0.1-5035 and older).

**Description:**

SonicWall SonicOS contains an improper access control vulnerability (CVE-2024-40766) in its management access and SSLVPN components that could allow unauthorized access to resources and, under specific conditions, cause the firewall to crash. The Akira ransomware group is actively exploiting it, primarily against SSLVPN deployments. Approximately 48,933 SonicWall devices remain on vulnerable firmware. Attackers target default configurations and weak passwords, especially on firewalls recently migrated from Gen 6 to Gen 7 where local user passwords were carried over without being reset. The vulnerability affects Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older.

**Recommendations:**

* Update SonicOS to version 7.3.0 or later.

* Reset all local user account passwords for any accounts with SSLVPN access.

* Enable Multi-Factor Authentication (MFA).

* Remove unused or inactive user accounts.

* Enable Botnet Protection and Geo-IP Filtering.

* Restrict SSLVPN access to trusted IP addresses.

* Review and audit recent configuration changes for unusual activity.

* Rotate any credentials that may have been exposed.

* Disable SNMP traps before upgrading to version 7.3.0.
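The affected-version criteria from the Description and the account and exposure checks from the Recommendations above can be applied mechanically to a device inventory. The script below is an added example written for this page; it is not SonicWall's code and not part of the advisory. It parses the SonicOS version string formats used by Gen 5, Gen 6 and Gen 7 firmware, flags devices inside the affected range or below the recommended 7.3.0, and reports SSLVPN accounts that lack MFA, still carry a Gen 6 password, or look inactive. The inventory schema, the 90-day inactivity threshold and the sample records are assumptions constructed for the example; you would fill the records from your own firewalls.

```python
"""CVE-2024-40766 exposure triage for a SonicWall inventory.

Added example for this advisory; it is not SonicWall's code and not part of
the advisory text. It applies the advisory's affected-version criteria and
hardening recommendations to an inventory collected from your own devices.
The inventory schema, field names and the sample records below are
constructed for the example.
"""
import re
from dataclasses import dataclass

# SonicOS version strings: "7.0.1-5035-R1234" (Gen 7), "6.5.4.14-109n" (Gen 6),
# "5.9.2.14-12o" (Gen 5). Group 1 = dotted release, 2 = build, 3 = letter suffix.
VERSION_RE = re.compile(r"^(\d+(?:\.\d+)+)-(\d+)([A-Za-z]*)(?:-R\d+)?$")

AFFECTED_GEN7_MAX = ((7, 0, 1), 5035)   # "7.0.1-5035 and older" (advisory)
RECOMMENDED_GEN7 = (7, 3, 0)            # "update to 7.3.0 or later" (advisory)
INACTIVE_DAYS = 90                      # assumption: threshold for "inactive"

def parse_version(text):
    """Return (generation, release tuple, build number, suffix)."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised SonicOS version: {text!r}")
    release = tuple(int(x) for x in m.group(1).split("."))
    return release[0], release, int(m.group(2)), m.group(3).lower()

def is_affected(text):
    """True if the firmware is inside the advisory's affected range."""
    gen, release, build, _ = parse_version(text)
    if gen in (5, 6):
        return True                       # Gen 5 and Gen 6: all listed as affected
    if gen == 7:
        return (release, build) <= AFFECTED_GEN7_MAX
    return False

@dataclass
class Account:
    user: str
    sslvpn: bool
    mfa: bool
    password_reset_after_migration: bool
    days_since_login: int

@dataclass
class Device:
    name: str
    version: str
    sslvpn_enabled: bool
    sslvpn_sources: list        # allowed source networks; empty list = any
    migrated_from_gen6: bool
    botnet_protection: bool
    geoip_filter: bool
    accounts: list

def triage(dev):
    """Return (code, detail) findings for one device, one per advisory step."""
    findings = []
    gen, release, _, _ = parse_version(dev.version)
    if is_affected(dev.version):
        findings.append(("AFFECTED_FIRMWARE", f"{dev.version} is in the affected range"))
    elif gen == 7 and release < RECOMMENDED_GEN7:
        findings.append(("BELOW_7_3_0", f"{dev.version} is below recommended 7.3.0"))
    if not dev.sslvpn_enabled:
        return findings                   # remaining checks concern SSLVPN exposure
    if not dev.sslvpn_sources:
        findings.append(("SSLVPN_ANY_SOURCE", "restrict SSLVPN to trusted IPs"))
    if not dev.botnet_protection:
        findings.append(("BOTNET_OFF", "enable Botnet Protection"))
    if not dev.geoip_filter:
        findings.append(("GEOIP_OFF", "enable Geo-IP Filtering"))
    for a in dev.accounts:
        if not a.sslvpn:
            continue
        if not a.mfa:
            findings.append(("NO_MFA", f"{a.user}: SSLVPN access without MFA"))
        if dev.migrated_from_gen6 and not a.password_reset_after_migration:
            findings.append(("MIGRATED_PASSWORD", f"{a.user}: password carried over from Gen 6"))
        if a.days_since_login > INACTIVE_DAYS:
            findings.append(("INACTIVE_ACCOUNT", f"{a.user}: no login for {a.days_since_login} days"))
    return findings

# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = [
    Device("edge-fw-01", "7.0.1-5035-R1234", True, [], True, False, False, [
        Account("vpn.user", True, False, False, 2),
        Account("svc.legacy", True, True, True, 240),
        Account("admin.local", False, True, True, 1),
    ]),
    Device("branch-fw-02", "6.5.4.14-109n", False, [], False, True, True, []),
    Device("dc-fw-03", "7.3.0-7012-R5678", True, ["203.0.113.0/24"], False, True, True, [
        Account("vpn.ops", True, True, True, 5),
    ]),
]

def triage_inventory(devices=SAMPLE_INVENTORY):
    """Map device name -> list of finding codes, for all devices."""
    return {d.name: [code for code, _ in triage(d)] for d in devices}

if __name__ == "__main__":
    for name, codes in triage_inventory().items():
        print(f"{name}: {', '.join(codes) or 'no findings'}")
```

The version comparison is deliberately split in two: `AFFECTED_FIRMWARE` is the advisory's hard boundary (Gen 7 at or below build 5035, and every Gen 5 and Gen 6 release), while `BELOW_7_3_0` captures Gen 7 firmware that is outside the stated affected range but still below the release the advisory tells you to move to. A migrated firewall with SSLVPN open to any source and carried-over passwords, like `edge-fw-01` in the sample, is the profile the Akira activity described above targets, and the script lists every remediation step it still needs.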

Fix

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2024-06461
CVE-2024-40766

Affected Products

SonicOS