CVE-2024-40762 Information

Description

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that in certain cases can be predicted by an attacker potentially resulting in authentication bypass.

Reference

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003