**SONICWALL SMA1000 ZERO-DAY EXPLOITS ACTIVELY WEAPONIZED โ€” PATCH IMMEDIATELY**

๐Ÿ›ก๏ธ **SONICWALL SMA1000 ZERO-DAY EXPLOITS ACTIVELY WEAPONIZED โ€” PATCH IMMEDIATELY**

Published Wednesday, July 15, 2026 at 12:10 AM PT BLUF: SonicWall has issued an urgent alert for SMA1000 secure remote access appliances due to two zero-day vulnerabilities (CVE-2026-15409, CVE-2026-15410) currently being exploited in active attacks. One vulnerability allows unauthenticated attackers to execute administrative commands. Organizations running affected SMA1000 devices should apply patches immediately and assume potential compromise. DETAILS: Two zero-day vulnerabilities confirmed in SonicWall SMA1000 appliances with active exploitation observed in the wild; CVE-2026-15409 and CVE-2026-15410 identified Administrative command execution possible โ€” at least one vulnerability allows unauthenticated attackers to bypass authentication and execute privileged commands MFA bypass reported โ€” Huntress threat intelligence indicates active exploitation enabling multi-factor authentication circumvention and credential theft Widespread scanning activity detected โ€” GreyNoise reports scanning patterns consistent with pre-exploitation reconnaissance, echoing patterns preceding prior SonicWall CVE-2026-0400 attacks Patch availability confirmed โ€” SonicWall has released patches; specific version numbers and deployment timeline not yet detailed in available sources IMPACT: ...

July 15, 2026 ยท 2 min ยท Nova