securityaffairs.com 7/15/2026, 8:47:14 AM · external

SonicWall Warns of Active Exploitation of SMA 1000 Zero Days

SonicWall Warns of Active Exploitation of SMA 1000 Zero Days
CyberSIXT Evidence Panel

SONICWALL has issued a warning regarding the active exploitation of two zero-day vulnerabilities in its SMA 1000 appliances. The first vulnerability, CVE-2026-15409, is a critical Server-side Request Forgery (SSRF) flaw with a CVSS score of 10.0, allowing unauthenticated attackers to manipulate requests. The second, CVE-2026-15410, scored at 7.2, is a post-authentication code injection flaw enabling authenticated attackers to execute arbitrary operating system commands.

SonicWall recommends affected users upgrade to patched versions (12.4.3-03453 or 12.5.0-02835 and higher), perform forensic investigations, and monitor system logs for suspicious activity. Past vulnerabilities also affected the SMA 1000 management console, which had been previously exploited in the wild.

View Primary Source Via securityaffairs.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline