Cisco fixes maximum-severity Secure FMC bugs threatening firewall security
Cisco fixes maximum-severity Secure FMC bugs threatening firewall security
Publish Date: 2026-03-04 17:10:00
Source Domain: securityaffairs.com
Cisco fixes maximum-severity Secure FMC bugs threatening firewall security
Pierluigi Paganini
March 04, 2026
Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls.
Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall Management Center (FMC) is a centralized management platform for Cisco firewalls.
It lets administrators configure, monitor, and control multiple firewalls from a single web or SSH interface. Through FMC, teams can manage policies for intrusion prevention (IPS), application control, URL filtering, advanced malware protection, logging, reporting, and overall network security posture across their environment.
The first vulnerability, tracked as CVE-2026-20079 (CVSS score of 10.0), is an authentication bypass issue.
The flaw resides in Cisco Secure FMC’s web interface and lets unauthenticated remote attackers bypass authentication and send crafted HTTP requests to execute scripts, potentially gaining root access to the underlying operating system.
“A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system.” reads the advisory. “This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.”
The second vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), is a remote code execution issue.
The flaw resides in…
