Palo Alto Networks and SonicWall Issue Critical Security Patches

Patch Highlights

Palo Alto Networks and SonicWall have recently released patches for high-severity vulnerabilities affecting their respective products.

Palo Alto Networks Patch Details

• Critical Vulnerability in Microsoft Teams Integration:

An improper verification of a cryptographic signature issue allows attackers to access and manipulate secure resources.

According to Palo Alto Networks, “this vulnerability allows attackers to access and manipulate secure resources, enabling them to perform actions such as deleting data or modifying system configurations.”

• Medium-Severity Vulnerabilities:

Patches were released for medium-severity vulnerabilities in Autonomous Digital Experience Manager on Windows and Cortex XDR agent on Windows.

According to Palo Alto Networks, “these vulnerabilities could allow an attacker to execute arbitrary code or disable the XDR agent, potentially leading to unauthorized access or disruption of services.”

• Chromium Security Updates:

Nearly three dozen Chromium security updates were applied to resolve multiple open-source software vulnerabilities impacting Palo Alto Networks’ products.

SonicWall Patch Details

• High-Severity SQL Injection Bug:

A high-severity SQL injection bug (CVE-2026-4112) was patched in the SMA1000 series firewalls.

According to SonicWall, “an attacker exploiting this flaw can gain administrative privileges from read-only administrator permissions.”

• Other Patched Issues:

The other three patched issues enable remote attackers to retrieve SSL VPN user credentials or bypass TOTP authentication.

Both companies emphasize the need for swift action to prevent potential exploitation and recommend immediate updates for affected products.

About Author

Vaibhav

See author's posts