Csa.Sg
SonicWall SMA1000 Series Faces Active Exploitation of Zero-Day Vulnerabilities
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
SonicWall has reported two zero-day vulnerabilities (CVE-2026-15409 and CVE-2026-15410) in its SMA1000 series appliances, which are currently being actively exploited. CVE-2026-15409 allows unauthenticated remote attackers to perform server-side request forgery, while CVE-2026-15410 enables remote authenticated administrators to execute arbitrary operating system commands. Both vulnerabilities have been assigned CVSS scores of 10.0 and 7.2, respectively. Affected models include the SMA1000 series appliances 6210, 7210, and 8200v. SonicWall has advised users to immediately update to patched versions to mitigate risks. The vulnerabilities were first disclosed on July 14, 2026, and have been added to the CISA KEV list due to active exploitation. Organizations are urged to check for indicators of compromise and take necessary remediation steps.
Key Points: • Two zero-day vulnerabilities in SonicWall SMA1000 series are actively exploited. • CVE-2026-15409 has a CVSS score of 10.0, allowing unauthenticated SSRF attacks. • Immediate patching is required to protect affected systems from exploitation.