CVE-2024-40762

Critical CVSS: 9.8

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.

Vendor

Product

CWE

CWE-338

Yayın Tarihi

2025-01-09 07:15:26

Güncelleme

2025-01-09 15:15:15

Source Identifier

PSIRT@sonicwall.com

KEV Date Added

Kategoriler

CWE-338 CRITICAL 2025

Referanslar

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003