SonicWall customers under threat as attackers exploit 2 zero-days

SonicWall customers under threat as attackers exploit 2 zero-days
SonicWall has confirmed that attackers are exploiting two zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410, in SMA1000 appliances, with Rapid7 saying the first known exploitation occurred on June 22. The chained flaws can lead from no access to full system compromise, and SonicWall is urging immediate patching while CISA has added the issues to its known exploited vulnerabilities catalog. #CVE-2026-15409 #CVE-2026-15410 #SonicWall #SMA1000 #CISA #Rapid7

Keypoints

  • SonicWall disclosed two zero-day vulnerabilities affecting SMA1000 appliances.
  • Rapid7 said the vulnerabilities were first exploited on June 22.
  • The flaws can be chained to achieve complete system compromise.
  • CISA added both vulnerabilities to its known exploited vulnerabilities catalog.
  • SonicWall urged customers to patch and inspect systems for indicators of compromise.

Read More: https://cyberscoop.com/sonicwall-zero-day-vulnerabilities-exploited/