High severity7.2NVD Advisory· Published Apr 9, 2026· Updated May 14, 2026

CVE-2026-4113

Description

An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.

Affected products

SonicWall/Sma8200v
cpe:2.3:a:sonicwall:sma8200v:*:*:*:*:*:*:*:*
Range: <12.4.3-03387
SonicWall/Sma6200 Firmware
cpe:2.3:o:sonicwall:sma6200_firmware:*:*:*:*:*:*:*:*
Range: <12.4.3-03387
SonicWall/Sma6210 Firmware
cpe:2.3:o:sonicwall:sma6210_firmware:*:*:*:*:*:*:*:*
Range: <12.4.3-03387
SonicWall/Sma7200 Firmware
cpe:2.3:o:sonicwall:sma7200_firmware:*:*:*:*:*:*:*:*
Range: <12.4.3-03387
SonicWall/Sma7210 Firmware
cpe:2.3:o:sonicwall:sma7210_firmware:*:*:*:*:*:*:*:*
Range: <12.4.3-03387

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.468
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000