
PEACH
Un cadre d’isolation des locataires
CVE-2026-4113 is an observable response discrepancy vulnerability (CWE-204) in SonicWall SMA1000 series appliances that allows a remote attacker to enumerate SSL VPN user credentials. It was published on April 9, 2026, by SonicWall and assigned a CVSS v3.1 base score of 7.2 (High) by CISA-ADP (GitHub Advisory, SonicWall PSIRT). Affected products include SMA6200, SMA6210, SMA7200, SMA7210 (firmware versions prior to 12.4.3-03387 or 12.5.0 through 12.5.0-02624), and SMA8200v (same version ranges) (GitHub Advisory).
The vulnerability is classified as CWE-204 (Observable Response Discrepancy), meaning the SMA1000 appliance returns distinguishably different responses to authentication requests depending on whether a submitted username is valid or invalid. An attacker can exploit this remotely over the network without user interaction by systematically submitting authentication requests and analyzing response differences to identify valid VPN user accounts. Exploitation requires high privileges according to the CVSS vector, though the enumeration capability itself is the primary concern for credential harvesting. No public proof-of-concept code has been identified (SonicWall PSIRT, GitHub Advisory).
Successful exploitation allows a remote attacker to enumerate valid SSL VPN user accounts on affected SonicWall SMA1000 appliances by distinguishing server responses for valid versus invalid usernames. This information can be leveraged to conduct targeted brute-force or credential stuffing attacks against the VPN infrastructure, potentially leading to unauthorized access. While the vulnerability itself does not directly grant access, the enumerated credentials could facilitate lateral movement into internal networks protected by the VPN (SonicWall PSIRT, GitHub Advisory).
SonicWall has released patched firmware versions addressing this vulnerability: 12.4.3-03387 and 12.5.0-02624 for all affected SMA1000 series appliances (SMA6200, SMA6210, SMA7200, SMA7210, SMA8200v). Organizations should upgrade to these versions immediately (SonicWall PSIRT). As interim mitigations, administrators should implement account lockout policies after a defined number of failed authentication attempts, monitor VPN authentication logs for enumeration patterns, restrict VPN access to known trusted IP ranges where feasible, and consider enabling multi-factor authentication to reduce the impact of credential enumeration.
The vulnerability received coverage from security news outlets including GBHackers and CyberSecurityNews, which reported on multiple SonicWall flaws disclosed around the same time, including SQL injection and privilege escalation issues (GBHackers, CyberSecurityNews). The Singapore Cyber Security Agency (CSA) issued an alert referencing the vulnerability (CSA Alert). Community discussion appeared on Reddit's r/sonicwall subreddit shortly after disclosure. Overall sentiment reflects routine concern about VPN appliance security given SonicWall's history as a target for threat actors.
Source: Ce rapport a été généré à l’aide de l’IA
Évaluation gratuite des vulnérabilités
Évaluez vos pratiques de sécurité cloud dans 9 domaines de sécurité pour évaluer votre niveau de risque et identifier les failles dans vos défenses.
Obtenez une démo personnalisée
"La meilleure expérience utilisateur que j’ai jamais vue, offre une visibilité totale sur les workloads cloud."
"Wiz fournit une interface unique pour voir ce qui se passe dans nos environnements cloud."
"Nous savons que si Wiz identifie quelque chose comme critique, c’est qu’il l’est réellement."