Access Control Flaw in SonicOS Management Interface
CVE-2026-0204

8HIGH

Key Information:

Vendor: Sonicwall
Status: Sonicos
Vendor: CVE Published:; 29 April 2026

What is CVE-2026-0204?

A flaw in the access control mechanism of SonicOS could inadvertently expose certain management interface functions, potentially allowing unauthorized users to access restricted operations under specific conditions. This vulnerability necessitates prompt assessment and mitigation to safeguard systems relying on SonicOS.

Affected Version(s)

SonicOS Linux 6.5.5.1-6n and older versions

SonicOS Linux 7.0.1-5169 and older versions

SonicOS Linux 7.3.1-7013 and older versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2026
Vulnerability Reserved
Oct 30, 2025

CVE-2026-0204 Data

JSON

Sonicwall

What is CVE-2026-0204?

Affected Version(s)

References

CVSS V3.1

Timeline