[source: 1]Date of Posting: 2026/07/17

【Vulnerability Alert】Critical Security Vulnerabilities Exist in SonicWall SMA 1000 Series Products (CVE-2026-15409)

  • Subject: 【Vulnerability Alert】Critical Security Vulnerabilities Exist in SonicWall SMA 1000 Series Products (CVE-2026-15409)


  • Description:
    • Forwarded from Taiwan Computer Emergency Response Team / Coordination Center Security Advisory TWCERTCC-200-202607-00000007
    • SonicWall has released a critical security vulnerability advisory (CVE-2026-15409, CVSS: 10.0) affecting its SMA 1000 series products. This is a Server-Side Request Forgery (SSRF) vulnerability present in the working interface of SMA 1000 series devices, which could allow an unauthenticated remote attacker to issue unexpected requests. Note: SonicWall PSIRT has investigated multiple cases indicating that this vulnerability is being actively exploited. It is highly recommended to implement temporary mitigation measures immediately to prevent potential attacks targeting this vulnerability.
  • Affected Platforms:
    • SMA 1000 series versions 12.4.3-03245 to 12.4.3-03434 (inclusive), SMA 1000 series versions 12.5.0-02283 to 12.5.0-02800 (inclusive)
  • Recommended Actions:
    • Please update to the following versions: SMA 1000 series version 12.4.3-03453 (inclusive) and later, SMA 1000 series version 12.5.0-02835 (inclusive) and later

Computer and Communication Center
Network System Division