Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
SonicWall Urges Patch for Critical SMA 1000 Vulnerabilities

SonicWall Urges Patch for Critical SMA 1000 Vulnerabilities

Posted on July 15, 2026 By CWS

SonicWall has issued an urgent alert regarding the active exploitation of two significant zero-day vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances. These vulnerabilities present serious security risks, with one enabling arbitrary command execution by attackers.

Details of the Vulnerabilities

The two vulnerabilities are identified as CVE-2026-15409 and CVE-2026-15410. The first, with a critical CVSS score of 10.0, is a server-side request forgery (SSRF) flaw. It can allow a remote, unauthenticated attacker to manipulate the appliance into making unauthorized requests. The second, with a CVSS score of 7.2, involves post-authentication code injection within the Appliance Management Console (AMC), potentially allowing an authenticated attacker to execute system commands with administrative privileges.

Immediate Patch Deployment Recommended

SonicWall has confirmed multiple exploitations of these vulnerabilities and strongly advises customers to implement the available patches without delay. The necessary updates are included in the platform-hotfix versions 12.4.3-03453 and 12.5.0-02835, along with their subsequent releases. Additionally, SonicWall recommends conducting comprehensive forensic analyses to identify any indicators of compromise (IoCs) that may suggest exploitation.

Indicators of Compromise and Remediation Steps

Key indicators of compromise include specific log entries and configuration changes. These include requests in the extraweb_access.log to /__api__/login or /__api__/logout with a 200 HTTP status, and suspicious host parameters in /wsproxy requests with a 101 HTTP status. If any IoCs are detected, re-imaging physical devices, redeploying virtual appliances, resetting passwords, and updating time-based one-time password tokens are advised.

The vulnerabilities were identified by SonicWall’s Product Security Incident Response Team (PSIRT), led by Adam Babis, with additional contributions from Volexity’s Sean Koessel and Steven Adair, who aided in uncovering further IoCs.

Broader Security Implications

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reacted to the discovery by adding these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This action mandates Federal Civilian Executive Branch (FCEB) agencies to apply the necessary patches by July 17, 2026, underscoring the critical nature of these security flaws.

The swift response from SonicWall and ongoing updates highlight the importance of proactive security measures and timely patch management in safeguarding enterprise networks against emerging threats.

The Hacker News Tags:CISA, CVE-2026-15409, CVE-2026-15410, cyber threat, Cybersecurity, enterprise security, forensic analysis, patch update, PSIRT, SMA 1000, SonicWall, zero-day vulnerabilities

Post navigation

Previous Post: Microsoft Patches Critical Active Directory Vulnerability
Next Post: Critical Security Updates for Notepad++ to Block Exploits

Related Posts

Automating Data Transfers: A National Security Necessity Automating Data Transfers: A National Security Necessity The Hacker News
New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy The Hacker News
Europol Shuts Down Major Crypto Laundering Network Europol Shuts Down Major Crypto Laundering Network The Hacker News
U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation The Hacker News
Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams The Hacker News
Adapting Identity Management for AI Agents Adapting Identity Management for AI Agents The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Chrome 150 and Firefox 152 Updates Fix Critical Bugs
  • Critical Security Updates for Notepad++ to Block Exploits
  • SonicWall Urges Patch for Critical SMA 1000 Vulnerabilities
  • Microsoft Patches Critical Active Directory Vulnerability
  • SonicWall Urges Immediate Update for SMA Zero-Day Flaws

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Chrome 150 and Firefox 152 Updates Fix Critical Bugs
  • Critical Security Updates for Notepad++ to Block Exploits
  • SonicWall Urges Patch for Critical SMA 1000 Vulnerabilities
  • Microsoft Patches Critical Active Directory Vulnerability
  • SonicWall Urges Immediate Update for SMA Zero-Day Flaws

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark