SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw.

The company says that the attackers are targeting CVE-2024-40766, an unauthorized access flaw fixed in August 2024.

"We now have high confidence that the recent SSLVPN activity is not connected to a zero-day vulnerability," reads the update on the SonicWall bulletin published this week.

"Instead, there is a significant correlation with threat activity related to CVE-2024-40766, which was previously disclosed and documented in our public advisory SNWLID-2024-0015 ."

CVE‑2024‑40766 is a critical SSLVPN access control flaw in SonicOS, allowing unauthorized access to vulnerable endpoints, enabling attackers to hijack sessi

See Full Page