www.rapid7.com 7/15/2026, 6:04:37 PM · external

SonicWall SMA1000 flaws exploited, urgent patch advised

SonicWall SMA1000 flaws exploited, urgent patch advised
CyberSIXT Evidence Panel

ON July 14, 2026, SonicWall disclosed two critical vulnerabilities affecting its SMA1000 Series remote access appliances: CVE-2026-15409 (server-side request forgery, CVSS 10.0) and CVE-2026-15410 (code injection). Both vulnerabilities allow unauthenticated attackers to exploit these appliances, leading to unauthorized access and potential remote code execution. Rapid7’s Managed Detection and Response team identified active exploitation of these vulnerabilities before SonicWall's disclosure.

Organizations are urged to apply the latest hotfixes immediately and conduct forensic reviews to detect indicators of compromise, as these vulnerabilities are already being actively exploited in the field. SonicWall advises comprehensive remediation strategies, including re-imaging appliances if necessary.

View Primary Source Via www.rapid7.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline