In this week’s Security Advisory

  • SonicWall Essential Credential Reset
  • Cisco Releases Patches for 50 Vulnerabilities
  • Fortinet Patches 22 Vulnerabilities
  • Microsoft’s March Patch Tuesday Release
  • SAP Releases March Patch Cycle

SonicWall Essential Credential Reset

Security researchers have pointed out that not all customers have taken steps to properly protect themselves from credentials that may have been exposed during the attack on SonicWall's Cloud Backup System in 2025. SonicWall disclosed a breach in September 2025, initially claiming fewer than 5% of customer firewall configuration backup files were stolen, but later admitted that backups from all customers had been exfiltrated. The company has not yet publicly confirmed the root cause of the breach.

CyberMaxx suggests rotating credentials that may have been stored on SonicWall devices or that grant access to VPN interfaces, and enforcing MFA for access to both.

Recommendations

Follow this guide for credential rotation across all configured services to mitigate risks from potentially exposed firewall configuration backups.

More Reading / Information

Cisco Releases Patches for 50 Vulnerabilities

Cisco has released patches for 50 vulnerabilities across many of its products, including two critical severity vulnerabilities. The first critical vulnerability is CVE-2026-20079 (CVSS 10/10), which is an authentication bypass in the web interface of Cisco Secure FMC software. The second critical vulnerability, CVE-2026-20131 (CVSS 10/10), can allow an attacker to execute code with root privileges. The advisories also contain nine high-severity vulnerabilities affecting its ASA Firewall, Secure FMC, and Secure FTD appliances.

Affected Versions

  • A full list of affected versions can be found here.

Recommendations

  • Apply the latest patches.

More Reading / Information

Fortinet Patches 22 Vulnerabilities

Fortinet has released patches for almost two dozen vulnerabilities affecting different products. This includes seven high-severity vulnerabilities that affect products like FortiWeb, FortiSwitchAXFixed, FortiManager, and FortiClientLinux. The FortiWeb, FortiSwitchAXFixed, and FortiManager issues can be exploited by a remote, unauthenticated attacker to bypass the authentication rate limit or execute unauthorized commands.

Affected Versions

  • A full list of affected versions can be found here.

Recommendations

  • Apply the latest patches.

More Reading / Information

Microsoft’s March Patch Tuesday Release

The March Microsoft Patch Tuesday has security updates for 79 vulnerabilities, including two publicly disclosed zero-day vulnerabilities. CVE-2026-21262 (CVSS 8.8/10) is an SQL Server Elevation of Privilege Vulnerability, where attackers with authorized network access could escalate privileges to administrative levels on affected SQL Server environments. CVE-2026-26127 (CVSS 7.8/10) is a .NET Denial of Service Vulnerability, in which an out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.

Affected Versions

  • A full list of affected versions can be found here.

Recommendations

  • Apply the latest patches.

More Reading / Information

SAP Releases March Patch Cycle

SAP has released patches for 15 vulnerabilities for this month’s patch cycle, including an update to a vulnerability from 2019. The old vulnerability, CVE-2019-17571 (CVSS 9.8/10), is a deserialization of untrusted data defect in Apache Log4j that affects SAP’s Quotation Management Insurance (FS-QUO) product. There have been no reports of any of these vulnerabilities being exploited in the wild.

Affected Versions

  • A full list of affected versions can be found here.

Recommendations

  • Apply the latest patches.

More Reading / Information

Recommendations

Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to “vendor-supported versions” only. This dramatically increases the likelihood that new vulnerabilities have a patch issued for them. Likewise, CyberMaxx strongly encourages maintaining an inventory of current software in your environment, which helps ensure and inform your patch and vulnerability management program.