SSL VPN Credential Enumeration in SonicWall SMA1000
CVE-2026-4113 Published on April 9, 2026
An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
Vulnerability Analysis
CVE-2026-4113 can be exploited with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Observable Response Discrepancy
The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere. This issue frequently occurs during authentication, where a difference in failed-login messages could allow an attacker to determine if the username is valid or not. These exposures can be inadvertent (bug) or intentional (design).
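The weakness class described above, shown as an added example that is not code from SonicWall or from this advisory: a login handler whose failures differ by cause, beside a hardened form that returns one failure response and also does the same hashing work for unknown usernames (going slightly beyond message differences to cover response time). The account store, user names, messages and iteration count are constructed for the demonstration.

```python
import hashlib
import hmac
import os

ITERATIONS = 50_000  # constructed value for the demo; tune for production

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def _record(password: str) -> tuple[bytes, bytes]:
    salt = os.urandom(16)
    return salt, _hash(password, salt)

# Constructed sample account store (hypothetical names, not from the advisory).
USERS = {"alice": _record("correct horse battery staple")}
# Dummy record so unknown usernames cost the same hashing work as known ones.
_DUMMY = _record(os.urandom(16).hex())

FAIL = (401, "Invalid username or password")

def login_leaky(username: str, password: str) -> tuple[int, str]:
    """Weak form: status and message differ by failure cause."""
    if username not in USERS:
        return 404, "Unknown user"
    salt, digest = USERS[username]
    if not hmac.compare_digest(_hash(password, salt), digest):
        return 401, "Wrong password"
    return 200, "OK"

def login_uniform(username: str, password: str) -> tuple[int, str]:
    """Hardened form: one failure response, same work on every path."""
    salt, digest = USERS.get(username, _DUMMY)
    ok = hmac.compare_digest(_hash(password, salt), digest)
    if ok and username in USERS:
        return 200, "OK"
    return FAIL

def leaks_username(login) -> bool:
    """Regression check: do failed logins for a known and an unknown user differ?"""
    return login("alice", "bad-guess") != login("no-such-user", "bad-guess")

if __name__ == "__main__":
    print("leaky handler leaks:", leaks_username(login_leaky))
    print("uniform handler leaks:", leaks_username(login_uniform))
```

A check like `leaks_username` can run in a test suite against each authentication endpoint so that a later change to error handling does not reintroduce the discrepancy.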
Affected Versions
SonicWall SMA1000:
- Version 12.4.3-03245 (platform-hotfix) and earlier versions are affected.
- Version 12.5.0-02283 (platform-hotfix) and earlier versions are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.