Updated
Updated · hkcert.org · Jul 15
SonicWall SMA1000 Flaws CVE-2026-15409 and CVE-2026-15410 Face Active Exploitation
Updated
Updated · hkcert.org · Jul 15

SonicWall SMA1000 Flaws CVE-2026-15409 and CVE-2026-15410 Face Active Exploitation

3 articles · Updated · hkcert.org · Jul 15

Summary

  • Two SonicWall SMA1000 vulnerabilities — CVE-2026-15409 and CVE-2026-15410 — are being exploited in the wild, with authorities rating the threat to the appliances as high risk.
  • CVE-2026-15409 is an unauthenticated server-side request forgery flaw that can force an appliance to send requests to unintended locations, while CVE-2026-15410 is a post-authentication code-injection bug in the AMC console.
  • That second flaw can let a remote authenticated administrator execute arbitrary OS commands, and the combined impact listed for the vulnerabilities includes remote code execution and security restriction bypass.
  • Affected products include SMA1000 models 6210, 7210 and 8200v on specified 12.4.3 and 12.5.0 releases, with users urged to apply vendor-issued fixes.

Insights

Are critical network devices like SonicWall now becoming an indefensible security risk for modern enterprises?
Which state-sponsored hackers are using this SonicWall flaw to breach government and corporate networks?
With AI finding new exploits, can human defenders ever win the race against these zero-day attacks?