This flaw, rated with the maximum possible CVSS score of 10.0, allows remote, unauthenticated attackers to execute arbitrary code and gain complete root-level control over the affected system. The vulnerability exists in the web-based management interface of Cisco Secure FMC.
The flaw stems from insecure deserialization of a user-supplied Java byte
If successful, the exploit allows the attacker to run arbitrary Java code on the underlying operating system. Because the code executes with root-level privileges, the attacker could gain total control over the management device.
A CVSS score of 10.0 indicates the highest possible severity, meaning the attack requires no user interaction and no prior authentication. It can be launched remotely over the network.
Taking control of a firewall management system is particularly dangerous, as it could allow an attacker to alter security policies, turn off network defenses, and use the management center as a pivot point to launch further attacks deep into an internal network.
This flaw was discovered during internal security testing by Keane O’Kelley from the Cisco Advanced Security Initiatives Group (ASIG).
Currently, Cisco’s Product Security Incident Response Team (PSIRT) reports that it is not aware of any active exploitation or malicious use of this vulnerability in the wild.
The flaw impacts both Cisco Secure FMC Software and Cisco Security Cloud Control (SCC) Firewall Management systems, regardless of how the devices are configured.
However, Cisco Secure Firewall Adaptive Security Appliance (ASA) and Threat Defense (FTD) software are confirmed not to be vulnerable to this specific issue.
There are no workarounds available to mitigate this threat. Organizations must apply the official software updates provided by Cisco to protect their environments.
Security teams are strongly advised to review the March 2026 Cisco Secure Firewall advisory bundle to address this and other potential flaws.
Although no active exploitation has been seen yet, a CVSS 10.0 flaw is a likely target for ransomware and nation-state attackers, making prompt remediation critical.
The post Cisco Secure Firewall Management Vulnerability Enables Remote Code Execution appeared first on Cyber Security News.