SonicWall SMA1000 Zero-Days Exploited; Critical Patch Released

1 min read
Source: BleepingComputer
SonicWall SMA1000 Zero-Days Exploited; Critical Patch Released
Photo: BleepingComputer
TL;DR Summary

SonicWall warns that two SMA1000 flaws (CVE-2026-15409 SSRF and CVE-2026-15410 code execution) are being actively exploited in zero-day attacks; a patch is now available for affected SMA1000 models (6210, 7210, 8200v) via hotfix releases, with IOCs provided to detect compromise; if compromised, reimage or redeploy, reset passwords and rotate TOTP tokens; there are no mitigations outside applying the hotfix; CISA added the flaws to KEV and federal agencies must patch by July 17, 2026 under BOD 26-04.

Share this article

Reading Insights

Total Reads

1

Unique Readers

2

Time Saved

3 min

vs 4 min read

Condensed

89%

72277 words

Want the full story? Read the original article

Read on BleepingComputer