SonicWall has disclosed that the recent surge in incidents aimed at its Generation 7 and more recent firewalls with SSL VPN activated is associated with an outdated, now-resolved flaw and the reuse of passwords.
“We are now highly confident that the recent SSL VPN incidents are not linked to a zero-day vulnerability,” the firm stated. “Rather, there is a notable correlation with threat activity associated with CVE-2024-40766.”