Attackers are actively exploiting two zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410, in SonicWall products, posing a significant threat to the company's customers. The vulnerabilities were publicly disclosed by SonicWall in a security advisory, with credit given to an employee for their discovery. However, the company has not provided information on when the vulnerabilities were first discovered or exploited. According to Rapid7 researchers, the vulnerabilities were first exploited on June 22, indicating a potentially lengthy window of exposure. The exploitation of these vulnerabilities expands the active attack surface, making it essential for organizations to prioritize their response based on exposure and evidence of exploitation1. This situation matters to security practitioners because it highlights the need for prompt patching and mitigation to prevent attackers from capitalizing on these newly disclosed vulnerabilities.
SonicWall customers under threat as attackers exploit 2 zero-days
⚠️ Critical Alert
Why This Matters
CVE-2026-15409 disclosure expands the active attack surface — prioritize based on your exposure and exploitation evidence.
References
- CyberScoop. (2026, July 15). SonicWall customers under threat as attackers exploit 2 zero-days. CyberScoop. https://cyberscoop.com/sonicwall-zero-day-vulnerabilities-exploited/
Original Source
CyberScoop
Read original →