CVE Tools
Back to feed
The Hacker News ·EN News source Exploited in the wildSecure Mobile Access (SMA) 1000 series appliances

Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

By The Hacker News··2 min read
CVE Tools coverage

SonicWall has confirmed that two unpatched vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances are being actively exploited. The flaws, tracked as CVE-2026-15409 and CVE-2026-15410, allow attackers to perform SSRF attacks and execute arbitrary commands with administrative privileges. These issues have already been targeted in real-world attacks, prompting urgent calls for users to update their systems. SonicWall recommends applying version 12.4.3-03453 or later to mitigate risks.