CVE-2024-40762

Critical

Published: 09 January 2025

Published

09 January 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0004 12.6th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.

Security Summary

CVE-2024-40762 is a critical vulnerability (CVSS score 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) stemming from the use of a cryptographically weak pseudo-random number generator (PRNG) in the SonicOS SSLVPN authentication token generator, mapped to CWE-338. In certain cases, this allows an attacker to predict authentication tokens, potentially resulting in authentication bypass. The vulnerability affects the SSLVPN component within SonicWall's SonicOS.

An unauthenticated attacker with network access can exploit this issue due to its low attack complexity and lack of required privileges or user interaction. Successful prediction and use of the tokens could grant unauthorized access, leading to high impacts on confidentiality, integrity, and availability.

SonicWall has published details in advisory SNWLID-2025-0003, available at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003, which provides information on the vulnerability and associated mitigations or patches.

Details

CWE(s): CWE-338

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003
PSIRT@sonicwall.com