—

CVE-2026-4114EXPLOITEDPATCHED

sonicwall · sma1000

CVE-2026-4114: Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin

Description

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.

Affected Products

Vendor	Product	Versions
sonicwall	sma1000	12.4.3-03245 (platform-hotfix) and earlier versions., 12.5.0-02283 (platform-hotfix) and earlier versions.

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003(vendor-advisory)

Related News (1 articles)

Tier C

VulDB21d ago

CVE-2026-4114 | SonicWall SMA1000 AMC TOTP Authentication unicode encoding (SNWLID-2026-0003)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003

CWECWE-176

PublishedApr 9, 2026

Last enriched21d agov2

Trending Score2

Source articles1

Independent1

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-0204EXP

CVE-2026-0204: A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be access

Trending: 76

CRITICALCVE-2026-0206EXP

CVE-2026-0206: A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewal

Trending: 71

CRITICALCVE-2026-0205EXP

CVE-2026-0205: A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted ser

Trending: 68

HIGHCVE-2026-4116

CVE-2026-4116: Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user t

Trending: 3

HIGHCVE-2026-4113EXP

CVE-2026-4113: An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to

Trending: 2

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 9, 2026

Discovered by ZDM

Apr 9, 2026

Updated: severity, activelyExploited

Apr 9, 2026

Actively Exploited

Apr 13, 2026

Patch Available

Apr 13, 2026

Version History

Last enriched 21d ago

v2Tier C21d ago

Updated severity to CRITICAL and marked the vulnerability as actively exploited.

severityactivelyExploited

via VulDB

v121d ago

Initial creation