Tag

Sma1000

All articles tagged with #sma1000

SonicWall SMA1000 Zero-Days Exploited; Critical Patch Released
security1 hour ago

SonicWall SMA1000 Zero-Days Exploited; Critical Patch Released

SonicWall warns that two SMA1000 flaws (CVE-2026-15409 SSRF and CVE-2026-15410 code execution) are being actively exploited in zero-day attacks; a patch is now available for affected SMA1000 models (6210, 7210, 8200v) via hotfix releases, with IOCs provided to detect compromise; if compromised, reimage or redeploy, reset passwords and rotate TOTP tokens; there are no mitigations outside applying the hotfix; CISA added the flaws to KEV and federal agencies must patch by July 17, 2026 under BOD 26-04.

SonicWall Addresses Zero-Day Exploit in SMA 1000 Devices
technology6 months ago

SonicWall Addresses Zero-Day Exploit in SMA 1000 Devices

SonicWall has issued a warning about a new zero-day vulnerability (CVE-2025-40602) in the SMA1000 Appliance Management Console, which has been exploited in attacks to escalate privileges. The flaw is being exploited in conjunction with another critical vulnerability (CVE-2025-23006) to execute remote code with root privileges. SonicWall advises users to update to the latest firmware to mitigate the risk, as over 950 appliances are exposed online. This follows recent security breaches and malware attacks targeting SonicWall devices.