CVE-2026-4113
Published Apr 9, 2026
·Updated
An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
Affected Software
15 affected components
SonicWall SMA 1000 Series
All of the following
Any of the following
SonicWall Sma6210 Firmware<12.4.3-03387
SonicWall Sma6210 Firmware>=12.5.0<12.5.0-02624
SonicWall Sma6210
SonicWall Sma8200v<12.4.3-03387
SonicWall Sma8200v>=12.5.0<12.5.0-02624
All of the following
Any of the following
SonicWall Sma7200 Firmware<12.4.3-03387
SonicWall Sma7200 Firmware>=12.5.0<12.5.0-02624
SonicWall Sma7200
All of the following
Any of the following
SonicWall Sma7210 Firmware<12.4.3-03387
SonicWall Sma7210 Firmware>=12.5.0<12.5.0-02624
SonicWall Sma7210
All of the following
Any of the following
SonicWall Sma6200 Firmware<12.4.3-03387
SonicWall Sma6200 Firmware>=12.5.0<12.5.0-02624
SonicWall Sma6200
Event History
Apr 9, 2026
CVE Published
via MITRE·02:23 PM
Data Sourced
via MITRE·02:23 PM
DescriptionWeakness
Data Sourced
via NVD·03:16 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2026-4113?
CVE-2026-4113 has a high severity rating due to its potential for allowing unauthorized user credential enumeration.
2
How do I fix CVE-2026-4113?
To fix CVE-2026-4113, ensure that you apply the latest firmware updates provided by SonicWall for the SMA 1000 series appliances.
3
What are the potential impacts of CVE-2026-4113?
The potential impacts of CVE-2026-4113 include unauthorized access to user accounts through credential enumeration.
4
Who is affected by CVE-2026-4113?
Users of the SonicWall SMA 1000 series appliances are affected by CVE-2026-4113.
5
Is CVE-2026-4113 being actively exploited?
As of now, there are no confirmed reports of active exploitation of CVE-2026-4113 in the wild.