SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
AI Generated Image

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now

BleepingComputer technology

Key Points:

  • SonicWall has issued a warning about active exploitation of two critical vulnerabilities in its SMA1000 appliances, CVE-2026-15409 (SSRF) and CVE-2026-15410 (post-authentication code injection), urging customers to apply newly released security hotfixes immediately.
  • CVE-2026-15409 allows remote unauthenticated attackers to make the appliance request unintended locations, while CVE-2026-15410 enables authenticated administrators to execute arbitrary OS commands; both have been assigned a CVSS score of 10.0 by SonicWall.
  • Affected SMA1000 models include 6210, 7210, and 8200v running specific platform-hotfix releases, with patches available in later hotfix versions; these vulnerabilities do not affect SonicWall firewalls’ SSL-VPN or the SMA 100 Series.
  • SonicWall provided indicators of compromise (IOCs) for administrators to detect potential breaches and recommends re-imaging or redeploying compromised devices, resetting passwords and tokens, as no mitigations exist besides patching.
  • The U.S. CISA has added these vulnerabilities to its Known Exploited Vulnerabilities catalog, mandating federal agencies to secure affected systems by July 17, 2026, under Binding Operational Directive 26-04.

Trending Business

Trending Technology

Trending Health