Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Palo Alto Networks & SonicWall Fix Critical Security Bugs

Palo Alto Networks & SonicWall Fix Critical Security Bugs

Posted on April 9, 2026 By CWS

Palo Alto Networks and SonicWall have each announced the release of patches addressing multiple vulnerabilities discovered in their products, with a focus on resolving critical security issues.

Palo Alto Networks Addresses Severe Flaws

Palo Alto Networks has rolled out updates to fix three main vulnerabilities within their systems. These include third-party corrections applicable to the Cortex platforms, Autonomous Digital Experience Manager (ADEM) for Windows, PAN-OS, and products utilizing a Chromium-based browser.

The most critical of these concerns is identified as CVE-2026-0234, which involves improper cryptographic signature verification within the Cortex XSOAR and Cortex XSIAM platforms when integrating Microsoft Teams. Exploiting this vulnerability could permit unauthorized access and manipulation of protected resources.

Additional patches were issued for medium-severity flaws in the Autonomous Digital Experience Manager on Windows and the Cortex XDR agent on Windows, which could potentially allow the execution of arbitrary code or the disabling of the XDR agent. Moreover, the company integrated approximately three dozen Chromium security corrections into its products and addressed multiple open-source software CVEs affecting its systems.

SonicWall’s Security Enhancements

SonicWall has similarly issued patches for four vulnerabilities found in its SMA1000 series firewalls. Among these, a high-severity SQL injection vulnerability, tracked as CVE-2026-4112, is particularly noteworthy. This flaw could enable attackers with read-only admin rights to escalate their privileges to primary admin status.

Additional vulnerabilities addressed include risks that allow remote attackers to enumerate SSL VPN user credentials or bypass TOTP authentication mechanisms. Despite no current evidence of these vulnerabilities being exploited, SonicWall advises users to update their SMA1000 series devices promptly to mitigate potential risks.

Broader Implications and Recommendations

Both Palo Alto Networks and SonicWall emphasize that there is no indication of these vulnerabilities being actively exploited. However, they strongly recommend that users apply the latest patches to enhance their security posture.

Further details on these vulnerabilities and their fixes can be accessed through the respective companies’ security advisories. Continuous monitoring and timely updates are crucial for maintaining robust cybersecurity defenses.

For more information on related security updates, users can refer to advisories about data leakage vulnerabilities in OpenSSL, severe issues in Android’s StrongBox, critical vulnerabilities patched by Cisco, and high-severity router vulnerabilities addressed by TP-Link.

Security Week News Tags:Chromium fixes, Cortex XSOAR, CVE, Cybersecurity, Palo Alto Networks, security patches, SMA1000, SonicWall, SQL injection, Vulnerabilities

Post navigation

Previous Post: New MacOS Attack Bypasses Security via Script Editor
Next Post: New MacOS Malware Targets Crypto Wallets with ClickFix

Related Posts

Iranian Hackers Exploit Stolen Credentials in Stryker Cyberattack Iranian Hackers Exploit Stolen Credentials in Stryker Cyberattack Security Week News
AI in SaaS: Uncovering Hidden Risks and Security Challenges AI in SaaS: Uncovering Hidden Risks and Security Challenges Security Week News
China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says Security Week News
Chrome 140 Update Patches Sixth Zero-Day of 2025 Chrome 140 Update Patches Sixth Zero-Day of 2025 Security Week News
Apple Blocks 2 Million App Store Apps for Security in 2025 Apple Blocks 2 Million App Store Apps for Security in 2025 Security Week News
Ox Security Bags M Series B to Tackle Appsec Alert Fatigue  Ox Security Bags $60M Series B to Tackle Appsec Alert Fatigue  Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • GitLab Urges Immediate Update to Fix Security Flaws
  • Microsoft Addresses Defender Vulnerability ‘RoguePlanet’
  • Microsoft Addresses Crucial Zero-Day in Defender
  • Data Breach at Mount Royal University Revealed
  • Microsoft Secures Defender Against Critical Privilege Flaw

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • GitLab Urges Immediate Update to Fix Security Flaws
  • Microsoft Addresses Defender Vulnerability ‘RoguePlanet’
  • Microsoft Addresses Crucial Zero-Day in Defender
  • Data Breach at Mount Royal University Revealed
  • Microsoft Secures Defender Against Critical Privilege Flaw

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark