SonicWall security patch release for CVE-2026-15409
Security Patch Release
Summary
Hide ▲
Show ▼
SonicWall released hotfix security updates for SMA1000 appliances after confirming active exploitation of CVE-2026-15409 and CVE-2026-15410. The fixes are available in platform-hotfix 12.4.3-03453 and 12.5.0-02835 or later, covering affected SMA1000 models 6210, 7210, and 8200v. Customers were told to upgrade as soon as possible and check for compromise indicators. CISA KEV listing and the vendor's guidance indicate urgent remediation for exposed deployments.
Related Happenings
TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch Release
H score45
First: 22.05.2026 11:19
Last: 22.05.2026 11:19
Sources 1
About this happening:
**TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....
TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch ReleaseAbout this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch Release
H score55
First: 22.05.2026 08:36
Last: 22.05.2026 08:36
Sources 1
About this happening:
Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch ReleaseAbout this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Cisco security patch release for CVE-2026-20182
Security Patch Release
H score60
First: 14.05.2026 20:45
Last: 14.05.2026 20:45
Sources 1
About this happening:
Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...
Cisco security patch release for CVE-2026-20182
Security Patch ReleaseAbout this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...
Broadcom VMware vCenter Server and Cloud Foundation patch advisory (CVE-2024-37079)
Advisory/Mitigation
H score40
First: 26.01.2026 13:49
Last: 26.01.2026 13:49
Sources 1
About this happening:
**Broadcom** told customers to apply security patches for **CVE-2024-37079** in **vCenter Server** and **Cloud Foundation**, after the flaw was tied to **active exploitation** and...
Broadcom VMware vCenter Server and Cloud Foundation patch advisory (CVE-2024-37079)
Advisory/MitigationAbout this happening: **Broadcom** told customers to apply security patches for **CVE-2024-37079** in **vCenter Server** and **Cloud Foundation**, after the flaw was tied to **active exploitation** and...
Trend Micro security patch release for CVE-2025-69258
Security Patch Release
H score39
First: 09.01.2026 12:01
Last: 09.01.2026 12:01
Sources 1
About this happening:
**Trend Micro** released **security updates** for **Apex Central for Windows** to fix **CVE-2025-69258**, a **9.8 CVSS** remote-code-execution flaw that could let an unauthenticat...
Trend Micro security patch release for CVE-2025-69258
Security Patch ReleaseAbout this happening: **Trend Micro** released **security updates** for **Apex Central for Windows** to fix **CVE-2025-69258**, a **9.8 CVSS** remote-code-execution flaw that could let an unauthenticat...
Timeline
-
15.07.2026 00:23 2 articles · 3h ago
SonicWall warns of active exploitation in SMA1000 and releases hotfixes
Initial DisclosureSonicWall warned that threat actors were actively exploiting CVE-2026-15409 and CVE-2026-15410 in zero-day attacks against SMA1000 models 6210, 7210, and 8200v, released hotfix versions 12.4.3-03453 and 12.5.0-02835 or later, published indicators of compromise for extraweb_access.log, ctrl-service.log, and /var/lib/unit/conf.json, and urged administrators to upgrade, re-image compromised appliances, and reset user credentials and TOTP tokens. CISA also added both vulnerabilities to the KEV catalog, and federal agencies were told to secure affected systems by July 17, 2026, or discontinue use of the product if mitigations could not be applied.
Show sources
- SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now — www.bleepingcomputer.com — 15.07.2026 00:23
- SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now — www.bleepingcomputer.com — 15.07.2026 00:23