Cisco has released a critical security advisory warning of a severe vulnerability in its Secure Firewall Management Center (FMC) Software.
This flaw allows an unauthenticated, remote attacker to bypass authentication and execute script files, thereby gaining full root access to the underlying operating system.
The vulnerability, tracked as CVE-2026-20079, stems from an improper system process created when the device boots.
An attacker can exploit this weakness by simply sending specially crafted HTTP requests to the web interface of an affected FMC device.
If the exploit is successful, the attacker can execute a wide variety of scripts and system commands.
Cisco Secure Firewall Management Vulnerability
This grants the attacker complete root-level control over the system, allowing them to modify configurations or use the compromised device to launch further attacks.
This vulnerability affects Cisco Secure FMC Software regardless of how the device is currently configured.
Because the CVSS score is capped at 10.0, this is considered a highly critical threat that demands immediate attention from network administrators.
Currently, no temporary workarounds or mitigations are available to block this vulnerability.
Cisco strongly advises all organizations to upgrade to the fixed software versions immediately to protect their network infrastructure.
Network administrators should use the official Cisco Software Checker tool to verify their exposure and identify the correct upgrade path for their specific release.
This severe security flaw was discovered internally by security researcher Brandon Sakai during routine Cisco security testing.
The official security advisory was first published on March 4, 2026, as part of the broader March 2026 Cisco Secure Firewall advisory bundle.
Fortunately, the Cisco Product Security Incident Response Team (PSIRT) has stated that they are not currently aware of any public announcements or malicious exploitation of this vulnerability in the wild.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Cisco Secure Firewall Management Vulnerability Allow Attackers to Bypass Authentication appeared first on Cyber Security News.
