SonicWall says two vulnerabilities in its Secure Mobile Access (SMA) 1000 Series appliances are being exploited in the wild. The issues are tracked as CVE-2026-15409 and CVE-2026-15410. The company reports that the flaws are under active exploitation and has released fixed firmware to address them. SonicWall urges affected organizations to upgrade to the fixed firmware versions. In addition, the company advises customers to check their appliances for indicators that compromise may have occurred. If the specified indicators are found, SonicWall recommends remediation steps that include re-imaging the hardware appliance or re-deploying the virtual appliance, along with changing both user and administrator passwords. The company also instructs customers to reset TOTP (time-based one-time password) tokens to restore account security. Across the coverage, the main focus is on the same two CVEs, the fact that exploitation is active, and SonicWall’s call to apply the newly released updates promptly and to perform compromise checks where guidance is applicable.
SonicWall patches SMA1000 zero-day flaws exploited in active attacks
SonicWall says two vulnerabilities in its Secure Mobile Access (SMA) 1000 Series appliances are being exploited in the wild. The issues are tracked as CVE-2026-15409 and CVE-2026-15410. The company re...
- SonicWall reports two vulnerabilities in SMA 1000 Series appliances: CVE-2026-15409 and CVE-2026-15410.
- The company says both flaws are being exploited in active zero-day attacks.
- SonicWall has released fixed firmware and urges customers to upgrade promptly.
- SonicWall advises organizations to look for indicators of compromise on affected appliances.
- If indicators are present, SonicWall recommends re-imaging or re-deploying plus password changes and resetting TOTP tokens.
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released security updates. [...]
2 hours agoSonicWall has fixed two actively exploited vulnerabilities (CVE-2026-15409, CVE-2026-15410) affecting its Secure Mobile Access (SMA) 1000 Series appliances, and is urging customer organizations to upgrade to a fixed firmare version and search for evidence of potential compromise. If the outlined indicators of compromise are present on the system, the company advises re-imaging (hardware) or re-deploying (virtual) appliances, changing user and administrator passwords, and resetting TOTP tokens. The vulnerabilities SonicWall SMA 1000 series appliances are secure … More → The post SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410) appeared first on Help Net Security.
6 hours agoAeon Group reports 2027 first-quarter results in investor earnings call presentations
Multiple outlets publish investor earnings call presentations for Aeon Co., Ltd. and Aeon Financial Service Co., Ltd. co...
WGA sues to block Paramount Skydance’s bid to merge with Warner Bros. Discovery
The Writers Guild of America (WGA) files a lawsuit seeking to block Paramount Skydance’s pending acquisition of Warner B...
Sera Prognostics files Form 4 reporting insider transaction on July 14
Sera Prognostics Inc. files a Form 4 with U.S. regulators reporting an insider transaction dated July 14, according to I...