Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
Overview
SonicWall has reported that two zero-day vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances are currently being exploited. One of these vulnerabilities, identified as CVE-2026-15409, has a critical CVSS score of 10.0 and allows remote attackers to execute arbitrary commands through a server-side request forgery (SSRF). This means that attackers can potentially gain unauthorized access to sensitive systems. The exploitation of these vulnerabilities poses a significant risk to organizations using these appliances, as it could lead to severe security breaches. SonicWall's warning emphasizes the urgency for users to address these issues to protect their networks.
Key Takeaways
- Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
- Affected Systems: SonicWall Secure Mobile Access (SMA) 1000 series appliances.
- Action Required: SonicWall is advising users to apply any available patches for the SMA 1000 series appliances and to review their configurations to mitigate potential exploitation.
- Timeline: Newly disclosed
Original Article Summary
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution. The vulnerabilities are listed below - CVE-2026-15409 (CVSS score: 10.0) - A Server-side request forgery (SSRF) vulnerability that a remote unauthenticated attacker could exploit to
Impact
SonicWall Secure Mobile Access (SMA) 1000 series appliances.
Exploitation Status
This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.
Timeline
Newly disclosed
Remediation
SonicWall is advising users to apply any available patches for the SMA 1000 series appliances and to review their configurations to mitigate potential exploitation. Specific patch numbers or updates were not mentioned in the article.
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to CVE, Zero-day, Exploit, and 2 more.