CVE-2026-20079

Published Mar 4, 2026

Last updated 3 months ago

CVSS critical 10.0
Network

Overview

Description
A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.
Source
psirt@cisco.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

psirt@cisco.com
CWE-288

Social media

Hype score
Not currently trending

Related CVEs

  1. Palo Alto Networks PAN-OS Authentication Bypass VulnerabilityCVE-2026-0257
  2. Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.CVE-2026-40372
  3. A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node ISE deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored.CVE-2026-20147
  4. Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.CVE-2026-33827
  5. Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.CVE-2026-33824

References

Sources include official advisories and independent security research.