Csa.Sg
Critical SonicWall SMA1000 Vulnerabilities Under Active Exploitation
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
SonicWall has reported two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting its SMA1000 Series appliances, which are currently being actively exploited. The first vulnerability, CVE-2026-15409, is a server-side request forgery (SSRF) that allows unauthenticated attackers to send requests to unintended locations, with a CVSS score of 10.0. The second, CVE-2026-15410, is a post-authentication code injection flaw that enables authenticated attackers to execute arbitrary commands, scoring 7.2 on the CVSS scale. Affected models include the SMA1000 Series 6210, 7210, and 8200v running specific firmware versions. SonicWall and CISA have urged immediate patching to mitigate risks. The vulnerabilities were added to the CISA KEV catalog on July 14, 2026, indicating confirmed exploitation in the wild. Organizations are advised to monitor for indicators of compromise and apply the necessary updates as soon as possible.
Key Points: • Two critical vulnerabilities in SonicWall SMA1000 appliances are actively exploited. • CVE-2026-15409 (SSRF) has a CVSS score of 10.0; CVE-2026-15410 (code injection) scores 7.2. • Immediate patching is recommended for affected models to prevent unauthorized access.