SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
SonicWall warns that attackers are actively exploiting CVE-2026-15409 and CVE-2026-15410 in zero-day attacks against SMA1000 appliances, and urges customers to install the latest hotfixes immediately. CISA has added both flaws to its KEV catalog, while affected administrators are advised to check for the listed indicators of compromise and re-image or redeploy compromised devices if needed. #SonicWall #CVE-2026-15409 #CVE-2026-15410 #SMA1000 #CISA #KEV

Keypoints

  • SonicWall confirms active exploitation of two SMA1000 vulnerabilities.
  • CVE-2026-15409 is a critical SSRF flaw in the Appliance Work Place interface.
  • CVE-2026-15410 is a post-authentication code injection issue in the Management Console.
  • Fixes are available in platform-hotfix releases 12.4.3-03453 and 12.5.0-02835, and later.
  • CISA has listed both vulnerabilities in its Known Exploited Vulnerabilities catalog.

Read More: https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-sma1000-flaws-exploited-in-zero-day-attacks-patch-now/