Multiple Vulnerabilities in SonicWall SMA1000 Series
Summary
The Cyber Security Agency of Singapore has issued an alert advising users to immediately update SonicWall SMA1000 series appliances due to four critical vulnerabilities (CVE-2026-4112, CVE-2026-4113, CVE-2026-4114, CVE-2026-4116). Depending on the CVE, these flaws allow a remote attacker to escalate privileges from read-only administrator to primary administrator, enumerate SSL VPN user credentials without authenticating, or bypass TOTP authentication. Affected versions are those prior to 12.4.3-03245 and 12.5.0-02283.
What changed
The Cyber Security Agency of Singapore issued an alert on April 13, 2026, addressing four vulnerabilities in SonicWall SMA1000 series appliances. CVE-2026-4112 enables privilege escalation from read-only admin to primary admin. CVE-2026-4113 allows unauthenticated enumeration of SSL VPN credentials. CVE-2026-4114 and CVE-2026-4116 permit bypass of AMC and Workplace/Connect Tunnel TOTP authentication respectively.
Organizations using SonicWall SMA1000 appliances must update to version 12.4.3-03245 (platform-hotfix) or 12.5.0-02283 (platform-hotfix) immediately to mitigate risk of credential theft, unauthorized access, and complete system compromise.
What to do next
- Update SonicWall SMA1000 to latest version immediately
- Review SSL VPN user accounts for unauthorized access
- Monitor for indicators of exploitation
Archived snapshot
Apr 13, 2026: GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.
Multiple Vulnerabilities in SonicWall SMA1000 Series
13 April 2026
SonicWall has released security updates to address multiple vulnerabilities in the SMA1000 series appliances. Users and administrators of affected products are advised to update to the latest version immediately.
Background
SonicWall has released security updates to address multiple vulnerabilities (CVE-2026-4112, CVE-2026-4113, CVE-2026-4114, and CVE-2026-4116) affecting the SonicWall SMA1000 series appliances.
Impact
Successful exploitation of these vulnerabilities could lead to the following:
- CVE-2026-4112: Allowing a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
- CVE-2026-4113: Allowing an unauthenticated remote attacker to enumerate SSL VPN user credentials.
- CVE-2026-4114: Allowing a remote authenticated SSL VPN administrator to bypass AMC time-based one-time password (TOTP) authentication.
- CVE-2026-4116: Allowing a remote authenticated SSL VPN user to bypass Workplace or Connect Tunnel TOTP authentication.
Affected Products
These vulnerabilities affect the following SonicWall SMA1000 series appliances:
- SonicWall SMA1000 versions prior to 12.4.3-03245 (platform-hotfix)
- SonicWall SMA1000 versions prior to 12.5.0-02283 (platform-hotfix)
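One way to triage an appliance inventory against the fixed builds listed above, as an added example that is not part of the CSA alert or SonicWall's tooling. It assumes version strings of the form `major.minor.patch-build`, that a 12.4 or 12.5 appliance is compared against the fixed build of its own release train, and it uses constructed hostnames and versions.

```python
import re

# Fixed builds named in the alert, keyed by (major, minor) release train.
# Assumption: the zero-padded build suffix is compared numerically.
FIXED_BUILDS = {
    (12, 4): (12, 4, 3, 3245),  # 12.4.3-03245 (platform-hotfix)
    (12, 5): (12, 5, 0, 2283),  # 12.5.0-02283 (platform-hotfix)
}

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)-(\d+)\b")


def parse_version(text):
    """Parse 'major.minor.patch-build' into a tuple of ints, or None."""
    m = _VERSION_RE.match(text)
    return tuple(int(g) for g in m.groups()) if m else None


def triage(version_text):
    """Classify one firmware version as 'affected', 'fixed' or 'unknown'."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"  # unparseable: needs a manual check
    train = v[:2]
    fixed = FIXED_BUILDS.get(train)
    if fixed is not None:
        # Compare within the train, so 12.5.0-01002 is not treated as
        # patched merely because it sorts after 12.4.3-03245.
        return "affected" if v < fixed else "fixed"
    if train < min(FIXED_BUILDS):
        return "affected"  # older than every fixed build in the alert
    return "unknown"  # train not named in the alert: check the vendor advisory


def report(inventory):
    """Map each host in an iterable of (host, version) pairs to its status."""
    return {host: triage(version) for host, version in inventory}


# Constructed sample inventory (hostnames and versions are illustrative).
INVENTORY = [
    ("sma-edge-01.example.internal", "12.4.3-02854"),
    ("sma-edge-02.example.internal", "12.4.3-03245"),
    ("sma-dr-01.example.internal", "12.5.0-01002"),
    ("sma-lab-01.example.internal", "12.5.0-02283 (platform-hotfix)"),
]

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` should be checked by hand against the SonicWall advisory rather than assumed patched.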
Mitigation
Users and administrators of affected products are advised to update to the latest version immediately.
References
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003
https://nvd.nist.gov/vuln/detail/CVE-2026-4112
https://nvd.nist.gov/vuln/detail/CVE-2026-4113
https://nvd.nist.gov/vuln/detail/CVE-2026-4114
About this page
Source document text, dates, docket IDs, and authority are extracted directly from CSA.
The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.