Cyber Resilience

CVE-2024-40762

Critical

Published: 09 January 2025

Modified: 15 April 2026
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0006 (18.2th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-40762 is a critical-severity weak-PRNG (CWE-338) vulnerability in SonicWall (vendor inferred from references). Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It ranks at the 18.2th percentile for exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-40762 is a critical vulnerability (CVSS score 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) stemming from the use of a cryptographically weak pseudo-random number generator (PRNG) in the SonicOS SSLVPN authentication token generator, mapped to CWE-338. In certain cases, this allows an attacker to predict authentication tokens, potentially resulting in authentication bypass. The vulnerability affects the SSLVPN component within SonicWall's SonicOS.

Because attack complexity is low and no privileges or user interaction are required, an unauthenticated attacker with network access can exploit this issue. Successful prediction and use of the tokens could grant unauthorized access, leading to high impacts on confidentiality, integrity, and availability.

SonicWall has published details in advisory SNWLID-2025-0003, available at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003, which provides information on the vulnerability and associated mitigations or patches.
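
A generic illustration of the CWE-338 pattern described above, next to a hardened token issuer. This is an added example, not SonicOS code or code from the advisory; the page does not describe the actual generator, so `weak_token`, `TokenIssuer`, the seed value, the token size and the lifetime are all assumptions.

```python
import hashlib
import random
import secrets
import time

TOKEN_BYTES = 32   # assumed token size (256 bits)
TOKEN_TTL = 900    # assumed token lifetime in seconds


def weak_token(seed):
    """CWE-338 pattern: the token is a pure function of the seed."""
    rng = random.Random(seed)  # Mersenne Twister, not a CSPRNG
    return rng.getrandbits(TOKEN_BYTES * 8).to_bytes(TOKEN_BYTES, "big").hex()


class TokenIssuer:
    """Hardened form: CSPRNG tokens, stored only as SHA-256 digests, with expiry."""

    def __init__(self, ttl=TOKEN_TTL):
        self.ttl = ttl
        self._sessions = {}  # sha256(token) -> (user, expiry)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user, now=None):
        now = time.time() if now is None else now
        token = secrets.token_hex(TOKEN_BYTES)  # drawn from the OS CSPRNG
        self._sessions[self._digest(token)] = (user, now + self.ttl)
        return token

    def validate(self, token, now=None):
        """Return the user for a live token, or None if unknown or expired."""
        now = time.time() if now is None else now
        entry = self._sessions.get(self._digest(token))
        if entry is None:
            return None
        user, expiry = entry
        return user if now < expiry else None
```

The weak generator returns the same token whenever it is given the same seed, which is what makes its output predictable; the hardened issuer has no seed to recover and keeps no plaintext token server-side.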

Vulnerability details

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.

CWE(s): CWE-338

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Weak PRNG enables direct unauthenticated exploitation of the public-facing SSLVPN service for auth bypass.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-66630 (shared CWE-338)
CVE-2025-40905 (shared CWE-338)
CVE-2021-26091 (shared CWE-338)
CVE-2025-15578 (shared CWE-338)
CVE-2025-40920 (shared CWE-338)
CVE-2026-5087 (shared CWE-338)
CVE-2024-58041 (shared CWE-338)
CVE-2024-57854 (shared CWE-338)
CVE-2026-25726 (shared CWE-338)
CVE-2025-40926 (shared CWE-338)

Affected Assets

SonicWall
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

Prevent: Directly requires timely identification, reporting, and correction of the weak PRNG flaw in SonicOS SSLVPN authentication token generation to prevent exploitation.

Prevent: Mandates that authenticators, including SSLVPN tokens, have sufficient strength of mechanism to resist prediction from cryptographically weak PRNGs.

Prevent: Requires implementation of approved cryptographic mechanisms, including secure PRNGs, to protect authentication token generation processes.
