Skip to main content
Back to Newswire
Security

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now Image: Primary
SonicWall warned on July 14 that threat actors are actively exploiting two zero-day vulnerabilities in its SMA1000 appliances and urged customers to install newly released security updates immediately. The company said its Product Security Incident Response Team investigated multiple incidents confirming active exploitation of the flaws, tracked as CVE-2026-15409 and CVE-2026-15410. CVE-2026-15409 is a critical server-side request forgery vulnerability in the SMA1000 Appliance Work Place interface with a CVSS score of 10.0 that allows remote unauthenticated attackers to force appliances to make requests to unintended locations. CVE-2026-15410 is a high-severity post-authentication code injection flaw in the SMA1000 Appliance Management Console with a CVSS score of 7.2 that could allow a remote authenticated administrator to execute arbitrary operating system commands. SonicWall assigned the overall advisory a CVSS score of 10.0. The vulnerabilities affect SMA1000 models 6210, 7210, and 8200v running specific platform-hotfix releases. Fixes are available in platform-hotfix versions 12.4.3-03453 and 12.5.0-02835 and later releases. The company said there are no workarounds other than installing the hotfixes. The U.S. Cybersecurity and Infrastructure Security Agency added both vulnerabilities to its Known Exploited Vulnerabilities catalog. Federal agencies have until July 17 to secure affected systems under Binding Operational Directive 26-04.
Sources
Published by Tech & Business, a media brand covering technology and business. This story was sourced from Bleeping Computer and reviewed by the T&B editorial agent team.