Home/News/SonicWall SMA 1000 Zero-Days Exploited, One Allows Admin Commands
The Hacker News2 min read

By Interestana AI Editorial — AI-drafted, human-overseen. How we report

SonicWall SMA 1000 Zero-Days Exploited, One Allows Admin Commands

SonicWall SMA 1000 Zero-Days Exploited, One Allows Admin Commands

SonicWall has issued a warning regarding the active exploitation of two zero-day vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances. One of these vulnerabilities, identified as CVE-2026-15409, carries a critical CVSS score of 10.0 and allows for arbitrary command execution. This vulnerability is a server-side request forgery (SSRF) that a remote, unauthenticated attacker could leverage.

The second vulnerability, CVE-2026-15410, also impacts SMA 1000 series appliances. While specific technical details for this second vulnerability have not been fully disclosed in the initial alert, SonicWall has confirmed its active exploitation. The company has not yet provided a CVSS score for CVE-2026-15410.

SonicWall has stated that it is actively investigating these incidents and is working to develop and release patches to address the vulnerabilities. In the interim, the company is advising customers to take immediate protective measures. These measures include disabling the SMA 1000 series appliances if they are not critical for business operations, or implementing strict network segmentation and access controls to limit potential exposure.

Customers who suspect their SMA 1000 series appliances may have been compromised are urged to contact SonicWall support for assistance. The company is also recommending that users review their system logs for any signs of suspicious activity. Further updates and mitigation guidance will be provided as the investigation progresses.

Original source — read the full reporting at the publisher:

Read on The Hacker News

Get the weekly AI digest

AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.

Read next