SonicWall SMA 1000 Zero‑Days Prompt Urgent Patches
🛡️ SonicWall warned of active exploitation of two zero‑day vulnerabilities affecting Secure Mobile Access (SMA) 1000 series appliances, including an SSRF that scores 10.0 and a post‑auth code injection allowing command execution. Patches are available in platform hotfix builds 12.4.3‑03453, 12.5.0‑02835 and later; customers are urged to apply fixes and perform forensic checks for specific IoCs. CISA added both flaws to its KEV catalog and set a July 17, 2026 deadline for federal agencies.
