Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

The Hacker News by The Hacker News
July 15, 2026
Home Cybersecurity
Share on FacebookShare on Twitter


Ravie LakshmananJul 15, 2026Vulnerability / Enterprise Security

SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution.

The vulnerabilities are listed below –

  • CVE-2026-15409 (CVSS score: 10.0) – A Server-side request forgery (SSRF) vulnerability that a remote unauthenticated attacker could exploit to potentially cause the appliance to make requests to an unintended location.
  • CVE-2026-15410 (CVSS score: 7.2) – A post-authentication code injection vulnerability rooted in the Appliance Management Console (AMC) that a remote authenticated attacker could exploit to execute arbitrary operating system commands as administrator under certain conditions.

SonicWall said it has “investigated multiple cases indicating the active exploitation of the vulnerabilities,” urging customers to apply the fixes as soon as possible. The patches are available in the following versions –

  • 12.4.3-03453 (platform-hotfix) and higher versions
  • 12.5.0-02835 (platform-hotfix) and higher versions

Users are also urged to perform a thorough forensic analysis of the system to determine the presence of any indicators of compromise (IoCs) associated with exploitation –

  • If in extraweb_access.log are mentioned requests to /__api__/login or /__api__/logout with http 200 status
  • If in extraweb_access.log are mentioned requests to /wsproxy with suspicious host parameters with 101 http status
  • If in ctrl-service.log are mentioned hotfix rollbacks with path traversal names
  • If /var/lib/unit/conf.json contains routes for /__api__/login or /__api__/logout (these URIs do not exist in legitimate configuration)

Should one of these indicators be present, it’s advised to re-image physical appliances or redeploy virtual appliances, change user and administrator passwords, and reset time-based one-time password tokens.

Adam Babis of SonicWall’s product security incident response team (PSIRT) has been credited with discovering and reporting the flaws. SonicWall also acknowledged the contributions of Volexity’s Sean Koessel and Steven Adair to help advance the internal investigation and identify an additional IoC.

The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add the two flaws to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 17, 2026.



Source link

The Hacker News

The Hacker News

Next Post
iLOQ powers smart access in Ring’s Mobile Security Tower

iLOQ powers smart access in Ring's Mobile Security Tower

Recommended.

Harmonic et Normann Engineering franchissent une étape importante avec 20 déploiements à large bande en Europe

Harmonic et Normann Engineering franchissent une étape importante avec 20 déploiements à large bande en Europe

December 4, 2025
What CIOs need to know about AIBOMs

What CIOs need to know about AIBOMs

February 17, 2026

Trending.

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

April 21, 2026
AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

January 30, 2026
Anthropic’s 5 Huge Hires From OpenAI, Google, Microsoft And xAI In 2026

Anthropic’s 5 Huge Hires From OpenAI, Google, Microsoft And xAI In 2026

July 7, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio