{"id":225874,"date":"2026-03-20T11:09:00","date_gmt":"2026-03-20T15:09:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/20\/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday\/"},"modified":"2026-03-20T19:40:26","modified_gmt":"2026-03-20T23:40:26","slug":"cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/20\/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday\/","title":{"rendered":"CISA orders feds to patch max-severity Cisco flaw by Sunday"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday\/\">CISA orders feds to patch max-severity Cisco flaw by Sunday<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-20 11:09:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday,\u00a0March 22.<\/p>\n<p>Cisco published a\u00a0security bulletin about the flaw on March 4, urging system administrators to apply the security updates as soon as possible and warning that no workarounds are available.<\/p>\n<p>The Cisco Secure Firewall Management Center (FMC) is a centralized administration system for critical Cisco network security appliances, such as firewalls, application control, intrusion prevention, URL filtering, and malware protection.<\/p>\n<p>\u201cA vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device,\u201d Cisco says in the advisory.<\/p>\n<p>The issue is caused by insecure deserialization of a user-supplied Java byte stream and is exploitable by sending a specially crafted serialized Java object to the web-based management interface of an affected device.<\/p>\n<p>On March 18, the vendor updated its bulletin to warn of active exploitation of CVE-2026-20131 in the wild.\u00a0Amazon threat intelligence researchers confirmed that threat actors are leveraging the vulnerability in attacks, noting that the Interlock ransomware gang had been exploiting it as a zero-day since the end of January.<\/p>\n<p>Amazon stated that the ransomware threat actor exploited CVE-2026-20131 more than a month before the vendor published the patch.<\/p>\n<p>Interlock ransomware has claimed several high-profile victims since its launch in late 2024, including DaVita, Kettering Health, the Texas Tech University System, and the city of Saint Paul, Minnesota.<\/p>\n<p>The threat actor\u00a0is also using the ClickFix technique for initial access, as well as custom remote access trojans and malware strains like NodeSnake and Slopoly.<\/p>\n<p>CISA has added CVE-2026-20131 to its&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA orders feds to patch max-severity Cisco flaw by Sunday https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-max-severity-cisco-flaw-by-sunday\/ Publish Date: 2026-03-20 11:09:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":225875,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2025\/01\/13\/CISA--headpic.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,32,29,34,27],"class_list":["post-225874","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-malware","tag-network-security","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225874"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=225874"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225874\/revisions"}],"predecessor-version":[{"id":225876,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225874\/revisions\/225876"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/225875"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=225874"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=225874"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=225874"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}