I’M UNDER A CYBER ATTACK

Alert

Alert 2024-28 Critical Vulnerability in SonicWall Exploited by Akira Ransomware Actors

A critical vulnerability, identified as CVE-2024-40766 with a CVSS score of 9.3, was disclosed by SonicWall, affecting their firewalls running SonicOS in generations 5, 6, and some versions of 7. This vulnerability arises from improper access control to the SonicOS management interface and SSLVPN functionality. The flaw allows attackers to gain unauthorized access to resources or cause the firewall to crash.

The Akira ransomware actors have been actively exploiting this vulnerability as an initial access vector, compromising local SSLVPN user accounts, especially when Multi-Factor Authentication (MFA) is disabled.

Recently, active exploitation of this vulnerability has been observed in several organizations in Mexico, making it urgent to take immediate action.

Download PDF

WE’RE HERE TO HELP

Are you under a cyber attack?

Report it here

get the latest alerts in your inbox

Subscribe to our newsletter

We are a a group of highly trained professionals based in R&D with advanced technical knowledge and experience in the detection, analysis, containment, and recovery of security incidents.

We are a CSIRT, we are Cybolt.

I’M UNDER A CYBER ATTACK

Explore

Services

Stay updated

© 2024. Beacon Lab CSIRT, Privacy Policy

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.