Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC…
CISA Known Exploited Vulnerability
- Listed:
- Mar 19, 2026 · federal remediation due Mar 22, 2026
- Required action:
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Ransomware use:
- Known
KEV is a prioritization signal from CISA — remediation detail still comes from the vendor advisory.
- Scope: This vulnerability affects Cisco Secure FMC Software and Cisco Security Cloud Control (SCC) Firewall Management, regardless of device configuration.
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Mitigation checklist
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.