Description
An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
Published: 2026-04-09
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Credential Enumeration
Action: Patch
AI Analysis

Impact

This vulnerability allows a remote attacker to distinguish the responses of the SSL VPN service based on credential correctness. By observing subtle response differences, an attacker can confirm the validity of user names and passwords. The weakness resides in improper handling of authentication responses and is classified as CWE-204. Such enumeration could lead to credential compromise, enabling unauthorized access to the VPN and potentially to any resources accessible through it.

Affected Systems

Products affected are SonicWall SMA1000 series appliances. No specific firmware or configuration version ranges are listed in the available data.

Risk and Exploitability

Exploitation is remote, targeting the SSL VPN interface over the network. Because no CVSS score or EPSS value is provided, the formal severity cannot be quantified, but the ability to enumerate valid credentials is inherently a high‑risk security issue. The vulnerability is not currently catalogued in CISA’s Known Exploited Vulnerabilities list, suggesting no widespread exploitation has been reported yet. An attacker would need network access to the SSL VPN endpoint and would benefit from repeated, automated trials to map valid usernames and passwords.

Generated by OpenCVE AI on April 9, 2026 at 16:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the SonicWall PSIRT page linked in the advisory for any available firmware updates or patches.
  • If a patch is released, apply it to all SMA1000 appliances immediately.
  • Until a patch is available, monitor the SSL VPN logs for repeated authentication attempts and consider enabling account lockout or multi‑factor authentication to reduce enumeration success.


Advisories

No advisories yet.

History

Fri, 10 Apr 2026 10:00:00 +0000

Type | Values Removed | Values Added
Title | | SSL VPN Credential Enumeration via Observable Response Discrepancy on SonicWall SMA1000

Fri, 10 Apr 2026 09:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Sonicwall; Sonicwall sma1000
Vendors & Products | | Sonicwall; Sonicwall sma1000

Thu, 09 Apr 2026 15:00:00 +0000

Type | Values Removed | Values Added
Description | | An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
Weaknesses | | CWE-204
References | |

MITRE

Status: PUBLISHED

Assigner: sonicwall

Published:

Updated: 2026-04-09T14:23:53.270Z

Reserved: 2026-03-13T11:57:20.974Z

Link: CVE-2026-4113

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-09T15:16:13.683

Modified: 2026-04-09T15:16:13.683

Link: CVE-2026-4113

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-10T09:32:48Z

Weaknesses