Detections
Analytics

SonicWall SMA 1000 Series <= 12.4.3-03245 / 12.5.x <= 12.5.0-02283 Multiple Vulnerabilities (SNWLID-2026-0003)

high Nessus Plugin ID 305940

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The remote host is a SonicWall SMA 1000 Series device that is affected by multiple vulnerabilities:

 - A privilege escalation vulnerability due to improper neutralization of special elements used in an SQL command. A remote authenticated attacker with read-only administrator privileges can escalate privileges to primary administrator. (CVE-2026-4112)

 - An observable response discrepancy vulnerability that allows a remote attacker to enumerate SSL VPN user credentials. (CVE-2026-4113)

 - An improper handling of Unicode encoding vulnerability that allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication. (CVE-2026-4114)

 - An improper handling of Unicode encoding vulnerability that allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication. (CVE-2026-4116)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to SonicWall SMA 1000 Series version 12.4.3-03387 or 12.5.0-02624 or later.

See Also

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003

Plugin Details

Severity: High

ID: 305940

File Name: sonicwall_sma_SNWLID-2026-0003.nasl

Version: 1.1

Type: Remote

Family: CGI abuses

Published: 4/10/2026

Updated: 4/10/2026

Configuration: Enable paranoid mode, Enable thorough checks (optional)

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

CVSS Score Source: CVE-2026-4112

CVSS v3

Risk Factor: High

Base Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/o:sonicwall:firmware

Required KB Items: installed_sw/SonicWall Secure Mobile Access, Settings/ParanoidReport

Patch Publication Date: 4/8/2026

Vulnerability Publication Date: 4/8/2026

Reference Information

CVE: CVE-2026-4112, CVE-2026-4113, CVE-2026-4114, CVE-2026-4116

IAVA: 2026-A-0315