Cisco has handed security teams one of the largest ever patching workloads affecting its firewall products, including fixes for two ‘perfect 10’ vulnerabilities in the company’s Secure Firewall Management Center (FMC) Software. Overall, the March 4 release, the first of its semiannual firewall updates for 2026, addresses 25 security advisories covering 48 individual CVEs. The biggest concerns will be the FMC flaws, CVE-2026-20079 and CVE-2026-20131, the first of which is an authentication bypass weakness, and the second involving insecure deserialization. Both are rated ‘critical’ with maximum CVSS scores of 10. The weaknesses relate to the platform’s web management interface and give unauth...