SonicWall Issues Urgent SMA Patch Warning for Two Zero-Day Exploits

https://www.securityweek.com/wp-content/uploads/2025/08/SonicWall.jpg

Vulnerabilities

SonicWall SMA1000 zero-day vulnerabilities CVE-2026-15409 and CVE-2026-15410 can be exploited for remote code execution.

SonicWall is urging customers to immediately update SMA1000 secure remote access appliances, which are being targeted by threat actors via two new zero-day vulnerabilities.

The vulnerabilities are tracked as CVE-2026-15409 and CVE-2026-15410 and they affect SMA1000 versions 6210, 7210, and 8200v. Enterprises using the affected products have been instructed to update to hotfix releases 12.4.3-03453 or 12.5.0-02835.

CVE-2026-15409 has been described as a critical server-side request forgery (SSRF) issue affecting the Appliance Work Place interface. It allows a remote, unauthenticated attacker to cause the targeted appliance to “make requests to unintended locations”.

CVE-2026-15410 is a high-severity code injection issue affecting the Appliance Management Console (AMC) that can allow an attacker with admin privileges to execute arbitrary OS commands.

“SonicWall PSIRT has investigated multiple cases indicating the active exploitation of the vulnerabilities described in this advisory,”...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

Read more