CVE-2026-4116
CVSS Score
7.2
EPSS Score
0.0%
EPSS Percentile
10th
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
| CWE | CWE-176 |
| Vendor | sonicwall |
| Product | sma1000 |
| Published | Apr 9, 2026 |
| Last Updated | Apr 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for sonicwall sma1000
Be the first to know when new high vulnerabilities affecting sonicwall sma1000 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
SonicWall / SMA1000
12.4.3-03245 (platform-hotfix) and earlier versions. 12.5.0-02283 (platform-hotfix) and earlier versions.