Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Alerts

Critical Vulnerabilities in Cisco Secure Firewall Management Center

6 March 2026

Cisco has released security updates to address multiple maximum-severity vulnerabilities in its Secure Firewall Management Center software. Users and administrators of affected product versions are advised to update to the latest version immediately.

Background

Cisco has released security updates to address two critical vulnerabilities affecting its Secure Firewall Management Center (FMC). Both vulnerabilities have been assigned a Common Vulnerability Scoring System (CVSS v3.1) score of 10.0 out of 10.

  • CVE-2026-20079: An authentication bypass vulnerability in the web-based management interface that can be exploited by sending crafted HTTP requests to the affected device. This flaw is due to an improper system process created at boot time.

  • CVE-2026-20131: A remote code execution (RCE) vulnerability caused by insecure deserialisation of user-supplied Java byte streams in the web-based management interface.


Impact

Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to perform the following:

  • Root Access (CVE-2026-20079): Bypass authentication and execute script files to obtain root-level access to the underlying operating system.

  • Arbitrary Code Execution (CVE-2026-20131): Execute arbitrary code with root privileges on the affected device by sending a crafted serialised Java object.

Affected Products

The vulnerabilities affect Cisco Secure Firewall Management Center (FMC) Software.

  • CVE-2026-20079: Affects all on-premises Secure FMC software releases.

  • CVE-2026-20131: Affects on-premises Secure FMC software and Cisco Security Cloud Control (SCC) Firewall Management.

Note: Cisco SCC is a SaaS-delivered offering and has been automatically upgraded by Cisco; no user action is required for the cloud-delivered component.

Recommendations

Users and administrators of affected product versions are advised to update to the latest version immediately. Cisco has indicated that there are no workarounds available for these vulnerabilities.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2?hl=en-SG

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh?hl=en-SG

https://nvd.nist.gov/vuln/detail/CVE-2026-20079

https://nvd.nist.gov/vuln/detail/CVE-2026-20131

https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-secure-fmc-flaws-giving-root-access/?hl=en-SG

Back to top