These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-4114 is a SonicWall SMA1000 issue where improper handling of Unicode encoding can let a remote authenticated SSLVPN admin bypass AMC TOTP authentication. The NVD record cites CWE-176 and rates the issue CVSS 6.6/Medium, with an AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H vector. Because the affected path involves remote administrative access, organizations should treat it as a high-priority fix for expos [truncated]
CVE-2026-4112 affects SonicWall SMA1000 series appliances and was published on 2026-04-09. According to the public description, a remote authenticated attacker with read-only administrator privileges can abuse an SQL injection weakness to escalate to primary administrator. That combination of authenticated access and full privilege gain makes this a serious management-plane issue for any environment that [truncated]
CVE-2025-40602 is a SonicWall SMA1000 appliance missing authorization vulnerability that was added to CISA’s Known Exploited Vulnerabilities catalog on 2025-12-17. Because it is a KEV-listed issue, defenders should treat it as a high-priority remediation item, especially for any internet-accessible SMA1000 deployments. CISA’s guidance is to apply vendor mitigations, follow applicable BOD 22-01 guidance fo [truncated]
CVE-2023-44221 is an OS command injection issue affecting SonicWall SMA100 Appliances. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-05-01, which means defenders should treat it as actively exploited and prioritize remediation. The supplied corpus does not provide affected-version details or a CVSS score, so the safest response is to follow SonicWall mitigation guidance, confirm whe [truncated]
CVE-2021-20035 is a SonicWall SMA100 Appliances OS command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-04-16. A KEV listing means the issue is known to be actively exploited, so affected environments should treat it as a high-priority exposure. CISA’s entry directs organizations to apply vendor mitigations, follow BOD 22-01 guidance for cloud services whe [truncated]
CVE-2024-53704 is a SonicWall SonicOS SSLVPN improper authentication issue that CISA lists in its Known Exploited Vulnerabilities catalog. Because it is marked as known exploited and associated with known ransomware campaign use, organizations should treat remediation as urgent and follow vendor guidance immediately.
CVE-2025-23006 is a SonicWall SMA1000 Appliances deserialization vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-01-24. CISA marks it as known exploited and notes known ransomware campaign use. The public corpus provided here does not include affected version ranges or patch details, so defenders should treat this as an urgent exposure and follow SonicWall’s official g [truncated]
CVE-2024-40766 is a SonicWall SonicOS improper access control issue that CISA added to the Known Exploited Vulnerabilities catalog on 2024-09-09. CISA marks the vulnerability as known to be used in ransomware campaigns and sets a remediation due date of 2024-09-30. Because the public corpus provided here does not include a CVSS score or deeper technical detail, the safest response is to treat this as an u [truncated]
CVE-2021-20028 is a SQL injection vulnerability in SonicWall Secure Remote Access (SRA). CISA added it to the Known Exploited Vulnerabilities catalog on 2022-03-28, and the KEV record marks it as associated with known ransomware campaign use. CISA also notes the impacted product is end-of-life and should be disconnected if still in use. Because the product is legacy and the vulnerability is known to be ex [truncated]
CVE-2019-7483 is a SonicWall SMA100 directory traversal vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. In the supplied source corpus, CISA’s entry is dated 2022-03-28 and directs defenders to apply updates per vendor instructions. Because it is in KEV, it should be treated as a high-priority remediation item, especially for any exposed SMA100 deployments.
CVE-2020-5135 is a SonicWall SonicOS buffer overflow vulnerability that CISA added to its Known Exploited Vulnerabilities (KEV) catalog on 2022-03-15. CISA’s catalog entry instructs defenders to apply updates per vendor instructions, and the remediation due date in the KEV record is 2022-04-05. Because it is on the KEV list, organizations using SonicWall SonicOS should treat it as a priority patching item [truncated]
CVE-2021-20038 is a stack-based buffer overflow affecting SonicWall SMA 100 Appliances. It was published on 2022-01-28 and is included in CISA’s Known Exploited Vulnerabilities catalog, with CISA marking known ransomware campaign use. Treat this as an urgent patching and exposure review item.
CVE-2021-20023 is a SonicWall Email Security path traversal vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2021-11-03. CISA also marks it as having known ransomware campaign use and directs affected organizations to apply vendor updates, so any unpatched deployment should be treated as an urgent remediation item.
CVE-2021-20022 is a SonicWall Email Security unrestricted file upload vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2021-11-03. CISA marks it as known to be used in ransomware campaigns and directs defenders to apply updates per vendor instructions. Because SonicWall Email Security is an internet-facing security product in many environments, this issue should be treated a [truncated]
CVE-2021-20021 is a SonicWall Email Security vulnerability described as improper privilege management. CISA added it to the Known Exploited Vulnerabilities catalog on 2021-11-03, which means it is treated as actively exploited and should be prioritized for remediation.
CVE-2021-20016 is a SonicWall SSLVPN SMA100 SQL injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2021-11-03. The same CISA record says the issue had known ransomware campaign use and directs organizations to apply vendor updates. Because this affects an internet-facing SSL VPN product and is officially tracked as known exploited, it should be treated as a high-prio [truncated]
CVE-2019-7481 is a SonicWall SMA100 SQL injection vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2021-11-03. CISA marks it as known exploited and notes known ransomware campaign use. The recommended defensive action in the KEV entry is to apply updates per vendor instructions.