- Description
- A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- secure_firewall_management_center
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
- Exploit added on
- Mar 19, 2026
- Exploit action due
- Mar 22, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- psirt@cisco.com
- CWE-502
- Hype score
- Not currently trending
🚨 THREAT INTEL Mar 25 | 🔴 CRITICAL RCE: Cisco FMC CVE-2026-20131 (ransomware active!) | 🟠 Patch TODAY: n8n CVE-2025-68613 | 🦠 Active: QakBot, Vidar, CobaltStrike | ⚠️ Russian APT hijacking Signal/WhatsApp | 🛡️ Block: 50.16.16.211 #CyberSecurity #ThreatIntel h
@404LABSx
25 Mar 2026
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ip Protocol 1. KEV-DELTA SYNC (MAR 23): •CRITICAL: CISA added CVE-2025-32432 (Craft CMS) and CVE-2025-54068 (Laravel Livewire) to the KEV catalog on Friday, March 20. •PATCH DEADLINE: Federal agencies must remediate by April 3, 2026. •NEW ADDITION: CVE-2026-20131
@SteveAJ777
23 Mar 2026
140 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Three major Cisco management platform vulnerabilities in 2026. All in web interfaces. All CVSS 9+. CVE-2026-20131 (FMC) — CVSS 10, RCE as root CVE-2026-20127 (SD-WAN vManage) — RCE CVE-2023-20198 (IOS-XE web UI) — privilege escalation The pattern is undeniable: web-based
@FirstPassLab
21 Mar 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E0780AD6-4F38-4400-AA63-E41879F74B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "86BA5BA6-1F79-4C89-A3F4-A56E2B664AED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "52C7994F-AA17-467B-919E-A49F0CC9DB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9F007F6B-1EAA-468C-8159-78B020DF1E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C9053FDE-A6BE-4535-AE36-A323F8B7ACA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6E255975-F952-43AB-A577-B8D331DDB3AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA94312-376E-4785-888F-3C07612E1DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29E73FBF-2579-4660-AFFA-7F9607004226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87FAAFFB-0589-441B-8289-8B8A6E18F705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73B92119-793D-4A43-A056-24DB6826E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "093A0BC2-037C-463F-AFC5-EF11C2954EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B881B8DF-A96D-4B64-B98A-71F0D3388641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A97625-D39C-42D5-89E4-415A868A0972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4D83B4-9697-4071-AC9F-7ADC86A6B529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F81F708-ACED-4E42-8CA9-116B5C4F5141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C86116B-8475-40A0-A507-D4A7947F5F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B98BFDB6-0884-4A5B-B2F6-102AE22665C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "44D21149-BF7B-4188-A336-49AA5683BDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "708A721E-11D2-4E9B-9F11-5B82F3FA742C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "943BDA7B-0E37-4914-B7B2-EDFD58FAF653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A58A2DA5-3EE7-408D-AAFA-82330F0325B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA98EEC-2059-4CA9-92F1-72C1E0BB7EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C51EE7-866B-410C-B75E-EF260D5062B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1FFD07-B874-4D3C-8E2C-9A204F1E994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5ACB9E-86AF-4EC1-9F36-A202429CD0F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1E4527-AAE2-4DA9-AFDA-6375839F7843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0AF047-EAE9-4C77-BCEF-5CB26F84C742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED03874-4071-4382-8A46-8B3A59E601FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF84E043-DF3C-4A95-8FDA-B0FDCD795377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9498087-9642-4A86-B3EE-1513C55A86E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36C229AB-2851-48D4-815A-63AAB4462A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA4BCFC-8237-4F5C-9863-523EE7D8619B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "07693A92-7D84-45A1-ACD6-D83AE41D504B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C78050A-A5FB-427B-BF0D-0353B240A4FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "85E76AE7-12AC-4419-AE66-43730B173B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4D803EC9-26EE-4799-A435-C782C92739CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEF87CD-2335-4886-A65C-4E33775AEC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "953EB81A-1B53-4A57-9F59-D4A7D37E657E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB534BC-3E4D-4484-AFD0-69524B1F07F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D6514BF0-5A21-4C3A-9D9D-49677D7A2409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B291AF23-55FF-4F9A-87AC-76AA3BB3562F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4170B357-C086-483A-BC6C-CB1391FA5831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B72005B-FBF0-4B0D-975B-178B511598B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D401072-6709-4921-8918-720F28D61E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0EA3467-4205-4C41-AF24-689330F7396B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE94E38-5F29-4AE1-8129-7F7582C2CC75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF603AD-D69B-4DD8-A7F4-6BEFD355EF29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6BD1665-7824-4D98-A930-432CBDA4EAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8056E69-22FA-4935-A576-916805D90C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A80BBBE-DB5E-460A-8621-6E28D2BD6E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B33F953-FEF3-4C46-A12A-2A42D8339D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C8DF03-2280-48B8-AC1E-4AAA31A36BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A3CCC30D-FC39-4F59-B338-6753F6094387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE484EB-FFFF-4DBA-8C45-77635BEBCE32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C663EDB2-E632-4915-BF37-EEE22FF26ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "30F378A2-E599-44E7-B81F-845D84E0FDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "366D966F-B60E-46B9-AD0C-D0C0692C984F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3E6840-7B1E-45F8-9527-3DB66A9267EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCBDBC61-B4B4-462F-B039-8F5C1B189AE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73CB0C9D-263A-439C-BAF9-87D1EFE50184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE58474E-D8D8-468D-9866-8C67607181E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29F91F5E-7049-400A-9C39-B20A639DD61D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D71C054A-63FF-4858-A044-03FA72DA2C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "388E9714-FCB6-41DD-A5C4-19E73AF2FBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBDBCE8-CD5E-48BD-B61B-A36376C5A585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D098596D-8156-4130-9180-A48D2ECB0910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34649064-8BCE-4A61-BA3A-17CBC4690C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE3E9B1-4817-4734-9EE9-E16698D3F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05AE4609-A851-4B64-8506-117B0F92F7A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]