SMA1000 series

CVEs (6)

CVE	Sev	Risk	CVSS	KEV	Published	Description
CVE-2026-4116	Hig	0.47	7.2		Apr 9, 2026	Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
CVE-2026-4113	Hig	0.47	7.2		Apr 9, 2026	An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
CVE-2026-4112	Hig	0.47	7.2		Apr 9, 2026	Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
CVE-2026-4114	Med	0.43	6.6		Apr 9, 2026	Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.
CVE-2025-40602		0.12	—	KEV	Dec 18, 2025	A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
CVE-2025-40603		0.00	—		Oct 31, 2025	A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data.

CVE-2026-4116HigApr 9, 2026
risk 0.47cvss 7.2epss 0.00
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
CVE-2026-4113HigApr 9, 2026
risk 0.47cvss 7.2epss 0.00
An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
CVE-2026-4112HigApr 9, 2026
risk 0.47cvss 7.2epss 0.00
Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
CVE-2026-4114MedApr 9, 2026
risk 0.43cvss 6.6epss 0.00
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.
CVE-2025-40602KEVDec 18, 2025
risk 0.12cvss —epss 0.00
A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
CVE-2025-40603Oct 31, 2025
risk 0.00cvss —epss 0.00
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data.