Observable Response Discrepancy in SonicWall SMA1000 Appliances
CVE-2026-4113

7.2HIGH

Key Information:

Vendor: Sonicwall
Status: Sma1000
Vendor: CVE Published:; 9 April 2026

What is CVE-2026-4113?

A vulnerability in SonicWall SMA1000 series appliances allows a remote attacker to exploit observable response discrepancies to enumerate user credentials for SSL VPN. This can potentially lead to unauthorized access and exploitation of sensitive data, making it essential for administrators to apply recommended patches and mitigate any security risks associated with this vulnerability.

Affected Version(s)

SMA1000 Linux 12.4.3-03245 (platform-hotfix) and earlier versions.

SMA1000 Linux 12.5.0-02283 (platform-hotfix) and earlier versions.

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Mar 13, 2026

CVE-2026-4113 Data

JSON

Sonicwall

What is CVE-2026-4113?

Affected Version(s)

References

CVSS V3.1

Timeline