This vulnerability (CVE-2026-4116) arises from improper handling of Unicode encoding (CWE-176) in SonicWall SMA1000 appliances. It enables a remote authenticated SSLVPN user to bypass the Time-based One-Time Password (TOTP) authentication used by the Workplace/Connect Tunnel feature. The issue affects multiple versions up to and including 12.4.3-03245 and 12.5.0-02283 platform hotfixes. The CVSS v3.1 base score is 7.2, indicating high severity with network attack vector, low attack complexity, high privileges required, no user interaction, and impacts on confidentiality, integrity, and availability. No official remediation or patch information is currently available from the vendor.

Successful exploitation allows a remote authenticated SSLVPN user to bypass TOTP authentication, potentially compromising multi-factor authentication protections and increasing risk of unauthorized access to the VPN environment. The vulnerability impacts confidentiality, integrity, and availability of the affected system as indicated by the CVSS score.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a patch or official fix is released, organizations should consider restricting SSLVPN user privileges, monitoring for unusual authentication bypass attempts, and applying compensating controls where feasible. Do not assume this vulnerability is mitigated without vendor confirmation.