CVE Tools
Back to feed
Help Net Security ·EN-US News source Exploited in the wildSecure Mobile Access (SMA) 1000 Series appliances

SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)

By Zeljka Zorz··2 min read
CVE Tools coverage

SonicWall has addressed two actively exploited vulnerabilities (CVE-2026-15409, CVE-2026-15410) impacting its Secure Mobile Access (SMA) 1000 Series appliances. These flaws were being used together in real-world attacks, allowing unauthenticated attackers to trigger SSRF and authenticated users to execute arbitrary code. Customers are advised to apply the latest firmware updates and check for signs of compromise. SonicWall also recommends additional post-patch actions like password resets and TOTP token regeneration.