CVE-2024-40762
Published: 09 January 2025
Summary
CVE-2024-40762 is a critical-severity PRNG (CWE-338) vulnerability in Sonicwall (inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 18.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-40762 is a critical vulnerability (CVSS score 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) stemming from the use of a cryptographically weak pseudo-random number generator (PRNG) in the SonicOS SSLVPN authentication token generator, mapped to CWE-338. In certain cases, this allows an attacker to predict authentication tokens, potentially resulting in authentication bypass. The vulnerability affects the SSLVPN component within SonicWall's SonicOS.
An unauthenticated attacker with network access can exploit this issue due to its low attack complexity and lack of required privileges or user interaction. Successful prediction and use of the tokens could grant unauthorized access, leading to high impacts on confidentiality, integrity, and availability.
SonicWall has published details in advisory SNWLID-2025-0003, available at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003, which provides information on the vulnerability and associated mitigations or patches.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-38819
Vulnerability details
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Weak PRNG enables direct unauthenticated exploitation of the public-facing SSLVPN service for auth bypass.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires timely identification, reporting, and correction of the weak PRNG flaw in SonicOS SSLVPN authentication token generation to prevent exploitation.
Mandates that authenticators, including SSLVPN tokens, have sufficient strength of mechanism to resist prediction from cryptographically weak PRNGs.
Requires implementation of approved cryptographic mechanisms, including secure PRNGs, to protect authentication token generation processes.