Critical SonicWall SMA1000 Vulnerabilities Under Active Exploitation

Critical SonicWall SMA1000 Vulnerabilities Under Active Exploitation

First seen 15 Jul 2026, 08:28 UTC Feeds2.FeedburnerCsa.SgGbhackersSecurityaffairs.CoCybersecuritynews+6 87% similarity 87.2

Article Content

Browse articles
ThreatCluster

SonicWall has reported two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting its SMA1000 Series appliances, which are currently being actively exploited. The first vulnerability, CVE-2026-15409, is a server-side request forgery (SSRF) that allows unauthenticated attackers to send requests to unintended locations, with a CVSS score of 10.0. The second, CVE-2026-15410, is a post-authentication code injection flaw that enables authenticated attackers to execute arbitrary commands, scoring 7.2 on the CVSS scale. Affected models include the SMA1000 Series 6210, 7210, and 8200v running specific firmware versions. SonicWall and CISA have urged immediate patching to mitigate risks. The vulnerabilities were added to the CISA KEV catalog on July 14, 2026, indicating confirmed exploitation in the wild. Organizations are advised to monitor for indicators of compromise and apply the necessary updates as soon as possible.

Key Points: • Two critical vulnerabilities in SonicWall SMA1000 appliances are actively exploited. • CVE-2026-15409 (SSRF) has a CVSS score of 10.0; CVE-2026-15410 (code injection) scores 7.2. • Immediate patching is recommended for affected models to prevent unauthorized access.

ThreatCluster AI

Timeline

2026-07-14
CVE-2026-15409 and CVE-2026-15410 published
SonicWall disclosed two critical vulnerabilities affecting SMA1000 appliances, with CVSS scores of 10.0 and 7.2.
Thecyberexpress
2026-07-14
Vulnerabilities added to CISA KEV catalog
CISA confirmed active exploitation of CVE-2026-15409 and CVE-2026-15410 in the wild.
Digital.Nhs.Uk
2026-07-15
Public PoC released for vulnerabilities
First public proof-of-concept for CVE-2026-15409 and CVE-2026-15410 was made available.
Heise.De
2026-07-15
SonicWall issues urgent security advisory
SonicWall urged immediate patching for affected SMA1000 appliances due to active exploitation.
Cybersecuritynews

Community

Browse all →