CVE-2026-20131
Published Mar 4, 2026
Last updated 2 months ago
- Description
- A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- secure_firewall_management_center
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
- Exploit added on
- Mar 19, 2026
- Exploit action due
- Mar 22, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- psirt@cisco.com
- CWE-502
- Hype score
- Not currently trending
🚨 THREAT INTEL | May 14, 2026 🔴 CRITICAL: CVE-2026-0300 Palo Alto RCE | CVE-2026-31431 Linux PrivEsc (due TOMORROW) | CVE-2026-20131 Cisco FMC RCE (ransomware) 🦠 Active: Mirai, Vidar, CobaltStrike, NWHStealer 🛡️ Block: 176.65.139.0/24 #CyberSecurity #ThreatIntel htt
@404LABSx
14 May 2026
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Ransomware Intel WANNACRY Ransomware Gang: 33 New Victims Posted — Critical Infrastructure Targe… "CVE-2023-21529:** Microsoft Exchange Server Deserialization CVE-2026-20131:**…" 🔗 https://t.co/Po7R1rGfvC #CyberSecurity #ThreatIntel #ransomwaregang #wannacry #ra
@SecurityAr58409
29 Apr 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-32002 2 - CVE-2025-20333 3 - CVE-2026-20131 4 - CVE-2026-33626 5 - CVE-2024-57726 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
27 Apr 2026
313 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 THREAT INTEL Mar 25 | 🔴 CRITICAL RCE: Cisco FMC CVE-2026-20131 (ransomware active!) | 🟠 Patch TODAY: n8n CVE-2025-68613 | 🦠 Active: QakBot, Vidar, CobaltStrike | ⚠️ Russian APT hijacking Signal/WhatsApp | 🛡️ Block: 50.16.16.211 #CyberSecurity #ThreatIntel h
@404LABSx
25 Mar 2026
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ip Protocol 1. KEV-DELTA SYNC (MAR 23): •CRITICAL: CISA added CVE-2025-32432 (Craft CMS) and CVE-2025-54068 (Laravel Livewire) to the KEV catalog on Friday, March 20. •PATCH DEADLINE: Federal agencies must remediate by April 3, 2026. •NEW ADDITION: CVE-2026-20131
@SteveAJ777
23 Mar 2026
140 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Three major Cisco management platform vulnerabilities in 2026. All in web interfaces. All CVSS 9+. CVE-2026-20131 (FMC) — CVSS 10, RCE as root CVE-2026-20127 (SD-WAN vManage) — RCE CVE-2023-20198 (IOS-XE web UI) — privilege escalation The pattern is undeniable: web-based
@FirstPassLab
21 Mar 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E0780AD6-4F38-4400-AA63-E41879F74B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "86BA5BA6-1F79-4C89-A3F4-A56E2B664AED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "52C7994F-AA17-467B-919E-A49F0CC9DB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9F007F6B-1EAA-468C-8159-78B020DF1E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C9053FDE-A6BE-4535-AE36-A323F8B7ACA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6E255975-F952-43AB-A577-B8D331DDB3AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA94312-376E-4785-888F-3C07612E1DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29E73FBF-2579-4660-AFFA-7F9607004226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87FAAFFB-0589-441B-8289-8B8A6E18F705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73B92119-793D-4A43-A056-24DB6826E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "093A0BC2-037C-463F-AFC5-EF11C2954EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B881B8DF-A96D-4B64-B98A-71F0D3388641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A97625-D39C-42D5-89E4-415A868A0972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4D83B4-9697-4071-AC9F-7ADC86A6B529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F81F708-ACED-4E42-8CA9-116B5C4F5141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C86116B-8475-40A0-A507-D4A7947F5F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B98BFDB6-0884-4A5B-B2F6-102AE22665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "44D21149-BF7B-4188-A336-49AA5683BDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "708A721E-11D2-4E9B-9F11-5B82F3FA742C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "943BDA7B-0E37-4914-B7B2-EDFD58FAF653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A58A2DA5-3EE7-408D-AAFA-82330F0325B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA98EEC-2059-4CA9-92F1-72C1E0BB7EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C51EE7-866B-410C-B75E-EF260D5062B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1FFD07-B874-4D3C-8E2C-9A204F1E994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5ACB9E-86AF-4EC1-9F36-A202429CD0F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1E4527-AAE2-4DA9-AFDA-6375839F7843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0AF047-EAE9-4C77-BCEF-5CB26F84C742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED03874-4071-4382-8A46-8B3A59E601FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF84E043-DF3C-4A95-8FDA-B0FDCD795377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9498087-9642-4A86-B3EE-1513C55A86E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36C229AB-2851-48D4-815A-63AAB4462A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA4BCFC-8237-4F5C-9863-523EE7D8619B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "07693A92-7D84-45A1-ACD6-D83AE41D504B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C78050A-A5FB-427B-BF0D-0353B240A4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "85E76AE7-12AC-4419-AE66-43730B173B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4D803EC9-26EE-4799-A435-C782C92739CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEF87CD-2335-4886-A65C-4E33775AEC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "953EB81A-1B53-4A57-9F59-D4A7D37E657E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB534BC-3E4D-4484-AFD0-69524B1F07F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D6514BF0-5A21-4C3A-9D9D-49677D7A2409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B291AF23-55FF-4F9A-87AC-76AA3BB3562F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4170B357-C086-483A-BC6C-CB1391FA5831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B72005B-FBF0-4B0D-975B-178B511598B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D401072-6709-4921-8918-720F28D61E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0EA3467-4205-4C41-AF24-689330F7396B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE94E38-5F29-4AE1-8129-7F7582C2CC75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF603AD-D69B-4DD8-A7F4-6BEFD355EF29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6BD1665-7824-4D98-A930-432CBDA4EAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8056E69-22FA-4935-A576-916805D90C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A80BBBE-DB5E-460A-8621-6E28D2BD6E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B33F953-FEF3-4C46-A12A-2A42D8339D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C8DF03-2280-48B8-AC1E-4AAA31A36BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A3CCC30D-FC39-4F59-B338-6753F6094387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE484EB-FFFF-4DBA-8C45-77635BEBCE32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C663EDB2-E632-4915-BF37-EEE22FF26ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "30F378A2-E599-44E7-B81F-845D84E0FDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "366D966F-B60E-46B9-AD0C-D0C0692C984F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3E6840-7B1E-45F8-9527-3DB66A9267EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCBDBC61-B4B4-462F-B039-8F5C1B189AE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73CB0C9D-263A-439C-BAF9-87D1EFE50184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE58474E-D8D8-468D-9866-8C67607181E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29F91F5E-7049-400A-9C39-B20A639DD61D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D71C054A-63FF-4858-A044-03FA72DA2C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "388E9714-FCB6-41DD-A5C4-19E73AF2FBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBDBCE8-CD5E-48BD-B61B-A36376C5A585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D098596D-8156-4130-9180-A48D2ECB0910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34649064-8BCE-4A61-BA3A-17CBC4690C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE3E9B1-4817-4734-9EE9-E16698D3F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05AE4609-A851-4B64-8506-117B0F92F7A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]