Cyber Posture

CVE-2024-40762

Critical

Published: 09 January 2025

Published
09 January 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0004 12.8th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-40762 is a critical-severity PRNG (CWE-338) vulnerability in Sonicwall (inferred from references). Its CVSS base score is 9.8 (Critical).

Operationally, ranked at the 12.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly requires timely identification, reporting, and correction of the weak PRNG flaw in SonicOS SSLVPN authentication token generation to prevent exploitation.

IA-5 Authenticator Management good match
prevent

Mandates that authenticators, including SSLVPN tokens, have sufficient strength of mechanism to resist prediction from cryptographically weak PRNGs.

SC-13 Cryptographic Protection partial match
prevent

Requires implementation of approved cryptographic mechanisms, including secure PRNGs, to protect authentication token generation processes.

NVD Description

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.

Deeper analysisAI

CVE-2024-40762 is a critical vulnerability (CVSS score 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) stemming from the use of a cryptographically weak pseudo-random number generator (PRNG) in the SonicOS SSLVPN authentication token generator, mapped to CWE-338. In certain cases, this allows an attacker to predict authentication tokens, potentially resulting in authentication bypass. The vulnerability affects the SSLVPN component within SonicWall's SonicOS.

An unauthenticated attacker with network access can exploit this issue due to its low attack complexity and lack of required privileges or user interaction. Successful prediction and use of the tokens could grant unauthorized access, leading to high impacts on confidentiality, integrity, and availability.

SonicWall has published details in advisory SNWLID-2025-0003, available at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003, which provides information on the vulnerability and associated mitigations or patches.

Details

CWE(s)
CWE-338

Affected Products

Sonicwall
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2025-40905Shared CWE-338
CVE-2026-25726Shared CWE-338
CVE-2026-6659Shared CWE-338
CVE-2024-57854Shared CWE-338
CVE-2024-58041Shared CWE-338
CVE-2025-66630Shared CWE-338
CVE-2026-5088Shared CWE-338
CVE-2025-15578Shared CWE-338
CVE-2025-15618Shared CWE-338
CVE-2025-40920Shared CWE-338

References