SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability

Cybersecurity firm SonicWall has officially addressed recent concerns about a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products.

In a statement to Cybersecurity News, the company confirmed that recent ransomware attacks are not the result of a new flaw, but are instead linked to a previously identified and patched vulnerability.

SonicWall stated with high confidence that the malicious activity is associated with CVE-2024-40766. This vulnerability was disclosed earlier and detailed in the company’s public advisory, SNWLID-2024-0015. The company’s investigation refutes claims of a new or unknown zero-day exploit circulating in the wild.

According to the report, the impact of these attacks has been limited, with fewer than 40 confirmed cases identified.

The incidents appear to be connected to the use of legacy credentials during the migration process from older Generation 6 firewalls to the newer Generation 7 models. This suggests that attackers exploited outdated or weak credentials that were not updated during the hardware refresh cycle.

In response to the attacks, SonicWall has issued updated guidance for its customers. The company is urging users to change their credentials to prevent unauthorized access immediately.

Furthermore, it strongly recommends upgrading to SonicOS 7.3.0, which incorporates enhanced Multi-Factor Authentication (MFA) protections and other security features designed to thwart such attacks. These features include login attempt lockouts and the enforcement of complex password policies.

Since identifying the threat, SonicWall has maintained a proactive stance on communication and customer protection. The company has been directly notifying affected customers and partners, providing them with detailed mitigation steps.

Equip your SOC with full access to the latest threat data from ANY.RUN TI Lookup that can Improve incident response -> Get 14-day Free Trial

The post SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability appeared first on Cyber Security News.