SonicWall SMA1000 Zero-Days Exploited; Critical Patch Released

TL;DR Summary
SonicWall warns that two SMA1000 flaws (CVE-2026-15409 SSRF and CVE-2026-15410 code execution) are being actively exploited in zero-day attacks; a patch is now available for affected SMA1000 models (6210, 7210, 8200v) via hotfix releases, with IOCs provided to detect compromise; if compromised, reimage or redeploy, reset passwords and rotate TOTP tokens; there are no mitigations outside applying the hotfix; CISA added the flaws to KEV and federal agencies must patch by July 17, 2026 under BOD 26-04.
- SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now BleepingComputer
- Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands The Hacker News
- SonicWall SMA1000 Series Products Multiple Vulnerabilities Hong Kong Computer Emergency Response Team Coordination Centre
- SonicWall Issues Urgent SMA Patch Warning for Two Zero-Day Exploits SecurityWeek
- SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410) Help Net Security
Reading Insights
Total Reads
1
Unique Readers
2
Time Saved
3 min
vs 4 min read
Condensed
89%
722 → 77 words
Want the full story? Read the original article
Read on BleepingComputer