U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog

https://securityaffairs.com/189682/security/u-s-cisa-adds-a-flaw-in-cisco-fmc-and-cisco-scc-firewall-management-to-its-known-exploited-vulnerabilities-catalog.html

Publish Date: 2026-03-19 13:40:00

Source Domain: securityaffairs.com

Pierluigi Paganini
March 19, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, tracked as CVE-2026-20131 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog.

“A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device,” reads the advisory. “This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root.”

The vulnerability is a remote code execution flaw that resides in Cisco Secure FMC’s web interface and allows unauthenticated remote attackers to exploit insecure Java deserialization and execute arbitrary code as root by sending a crafted serialized object.
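For defenders reviewing traffic to a management interface, the following added example (not from the article or from Cisco) flags request bodies that carry a Java serialization stream header in raw, Base64, or hex form. The request records, IP addresses, and `/placeholder/...` paths are constructed; the article does not name the affected endpoint, and a header match is a triage heuristic, not proof of exploitation.

```python
import base64
import re

# Java serialization stream header: STREAM_MAGIC 0xACED + STREAM_VERSION 0x0005
JAVA_MAGIC = b"\xac\xed\x00\x05"
# Base64 of that header always begins "rO0AB" (standard or URL-safe alphabet)
B64_TOKEN = re.compile(rb"rO0AB[A-Za-z0-9+/_-]*")
HEX_MAGIC = re.compile(rb"aced0005", re.IGNORECASE)

def serialized_java_markers(body: bytes) -> list:
    """Return the encodings in which a Java serialization header appears."""
    hits = []
    if JAVA_MAGIC in body:
        hits.append("raw")
    for match in B64_TOKEN.finditer(body):
        token = match.group(0).replace(b"-", b"+").replace(b"_", b"/")
        token += b"=" * (-len(token) % 4)
        try:
            decoded = base64.b64decode(token)
        except ValueError:  # wrong length: not real Base64
            continue
        if decoded.startswith(JAVA_MAGIC):
            hits.append("base64")
            break
    if HEX_MAGIC.search(body):
        hits.append("hex")
    return hits

def flag_requests(records):
    """Return (source, path, encodings) for each request carrying a marker."""
    flagged = []
    for rec in records:
        hits = serialized_java_markers(rec["body"])
        if hits:
            flagged.append((rec["src"], rec["path"], hits))
    return flagged

# Constructed sample data: a harmless serialized java.lang.String "hello"
SAMPLE = JAVA_MAGIC + b"\x74\x00\x05hello"
CONSTRUCTED_REQUESTS = [
    {"src": "198.51.100.7", "path": "/placeholder/a", "body": SAMPLE},
    {"src": "198.51.100.8", "path": "/placeholder/b",
     "body": b"state=" + base64.b64encode(SAMPLE) + b"&x=1"},
    {"src": "198.51.100.9", "path": "/placeholder/c", "body": b'{"user":"admin"}'},
    {"src": "203.0.113.5", "path": "/placeholder/d", "body": SAMPLE.hex().encode()},
]

if __name__ == "__main__":
    for src, path, hits in flag_requests(CONSTRUCTED_REQUESTS):
        print(f"{src} {path} serialized Java object marker: {', '.join(hits)}")
```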

The networking giant addressed the flaw in early March 2026.

The Interlock ransomware group has been exploiting this critical zero-day RCE vulnerability since late January.

The Interlock ransomware group has been active since September 2024 and has targeted multiple organizations, including DaVita, Kettering Health, and Texas Tech University. Recently, researchers observed a new AI-assisted malware strain…