www.securityweek.com 7/15/2026, 5:57:32 AM · external

SonicWall patches critical zero day flaws in SMA1000 appliances

SonicWall patches critical zero day flaws in SMA1000 appliances
Developing story vulnerability 6 articles tracked
SonicWall SMA1000 zero‑day flaws (CVE-2026-15409, CVE-2026-15410) exploited
CyberSIXT Evidence Panel

SONICWALL has issued an urgent update for its SMA1000 secure remote access appliances due to two critical zero-day vulnerabilities: CVE-2026-15409, a server-side request forgery (SSRF) exploit, and CVE-2026-15410, a code injection issue. These vulnerabilities affect versions 6210, 7210, and 8200v of these appliances, prompting users to apply hotfixes 12.4.3-03453 or 12.5.0-02835. Both vulnerabilities have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog, highlighting their active exploitation.

SonicWall has collaborated with Volexity during the investigation, but additional details about the attackers remain unclear.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline