Multiple SonicWall Vulnerabilities Enable SQL Injection and Privilege Escalation Attacks

Home Cyber Security News Multiple SonicWall Vulnerabilities Enable SQL Injection and Privilege Escalation Attacks SonicWall has released a critical security advisory addressing four vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances. These security flaws could allow remote attackers to escalate privileges, bypass multi-factor authentication, and enumerate user credentials. The most severe vulnerability carries a CVSS v3 score of 7.2, making immediate patching a high priority for enterprise network administrators. Because SMA appliances serve as secure access gateways for remote workers, compromising these devices can grant attackers significant access to internal corporate networks. Fortunately, SonicWall reports that there is currently no evidence of these vulnerabilities being exploited in the wild. The company also clarified that these specific flaws do not impact the SSL-VPN features running on standard SonicWall firewalls. Multiple SonicWall Vulnerabilities The advisory outlines four distinct Common Vulnerabilities and Exposures (CVEs) impacting the SMA1000 series, discovered by security researchers Anthony Cihan, Danti Gionatan, and Philip Boldt. CVE-2026-4112 (CVSS 7.2): An improper neutralization flaw allows a remote authenticated attacker with read-only access to execute SQL injection attacks, escalating their privileges to full primary administrator control. CVE-2026-4113 (CVSS 5.3): An observable response discrepancy vulnerability allows an unauthenticated remote attacker to enumerate SSL VPN user credentials successfully. CVE-2026-4114 (CVSS 6.6): Improper handling of Unicode encoding allows a remote authenticated SSL VPN administrator to bypass AMC time-based one-time password (TOTP) authentication completely. CVE-2026-4116 (CVSS 6.0): A related Unicode handling issue allows a remote authenticated SSL VPN user to bypass Workplace or Connect Tunnel TOTP authentication mechanisms. Since there are no available workarounds or mitigations for these vulnerabilities, administrators must apply the provided platform hotfixes to secure their networks. Leaving these appliances unpatched exposes organizations to severe risks, particularly regarding the TOTP bypass vulnerabilities that neutralize key multi-factor authentication defenses. Users can download the latest platform hotfixes directly from the MySonicWall portal. SMA1000 appliances running version 12.4.3-03245 or earlier must be upgraded to the fixed version 12.4.3-03387 or higher. SMA1000 appliances running version 12.5.0-02283 or earlier must be upgraded to the fixed version 12.5.0-02624 or higher. Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories. RELATED ARTICLESMORE FROM AUTHOR Cyber Security News Palo Alto Cortex Microsoft Teams Integration Vulnerability Enables Data Access for Attackers Cyber Security News New Phishing Attack Via Google Storage Deploys Remcos RAT Cyber Security Hackers Claim to Have Stolen 10 Petabytes of Data from China’s Tianjin Supercomputer Center Top 10 Top 10 Best User Access Management Tools in 2026 April 4, 2026 Top 10 Best VPN For Chrome in 2026 April 4, 2026 20 Best Application Performance Monitoring Tools in 2026 April 3, 2026 Top 10 Best VPN For Linux In 2026 April 3, 2026 10 Best VPN For Privacy In 2026 April 2, 2026