SonicWall’s Old Bug Bites Back: Password Blunders Spark Security Frenzy

SonicWall assures that recent SSL VPN activity isn’t a zero-day threat, but linked to the older CVE-2024-40766 bug. The culprit? Password reuse from Gen 6 to Gen 7 migrations. Time to update to SonicOS 7.3, reset passwords, and embrace multi-factor authentication like it’s 2024!

3P
Published: August 7, 2025 11:56 amAdded: August 7, 2025 at 5:16 amAssembled by: The Editor
Pro Dashboard

Hot Take:

SonicWall firewalls are under “attack,” and it turns out it’s not a brand-new bug causing the chaos but an oldie with a twist of password reuse. Looks like cyber villains have a taste for vintage vulnerabilities. Time to reset those passwords, folks, and maybe toss in some MFA sprinkles for good measure!

Key Points:

  • SonicWall’s Gen 7 and newer firewalls are experiencing increased threat activity.
  • The incidents are linked to an older vulnerability, CVE-2024-40766, not a zero-day flaw.
  • The issue involves improper access control, potentially causing unauthorized access and crashes.
  • Many incidents occurred due to password reuse during firewall migrations.
  • SonicWall recommends specific security measures including firmware updates and password resets.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?