The APG and the Blackpoint Active SOC just triangulated published news of active exploitation of a SonicWall CVE exploited by threat actors to gain initial access via SSLVPN.
The Blackpoint Active SOC recently combatted threat actors actively exploiting SSLVPN for initial access attempts within Blackpoint-managed environments — expect a full analysis of that incident forthcoming next Tuesday, September 10.
Therefore, we consider the following alert on the SonicWall CVE-2024-40766 critically important!