CVE-2026-15410
HIGH KEV CISA Exploitation: ACTIVE
7.2
CVSS 3.1
Description
Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
Metadata
Severity & Metrics
7.2
HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
SSVC — CISA Coordinator
CISA Known Exploited Vulnerability
Required action
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CISA description
SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| SonicWall | SMA1000 | Linux | 12.4.3-03245 ≤ 12.4.3-03434, 12.5.0-02283 ≤ 12.5.0-02800 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-94 | cna | CWE-94: Improper Control of Generation of Code ('Code Injection') |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 7.2 | HIGH | 3.1 | adp | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |