DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-20079: CVE-2026-20079: Authentication Bypass & RCE in Cisco Secure FMC

#security #cve #cybersecurity

CVE-2026-20079: Authentication Bypass & RCE in Cisco Secure FMC

Vulnerability ID: CVE-2026-20079
CVSS Score: 10.0
Published: 2026-03-04

A critical authentication bypass vulnerability exists in the Cisco Secure Firewall Management Center (FMC) Software. Identified as CVE-2026-20079 with a maximum CVSS score of 10.0, this flaw allows an unauthenticated, remote attacker to bypass security controls and execute arbitrary commands with root privileges on the underlying operating system. The vulnerability stems from an improperly initialized system process created during the boot sequence.

TL;DR

CVE-2026-20079 is a maximum-severity (CVSS 10.0) vulnerability in Cisco Secure FMC. It allows unauthenticated remote attackers to execute arbitrary scripts as root via crafted HTTP requests. No workarounds exist; immediate patching is required.

Technical Details

  • CVE ID: CVE-2026-20079
  • CVSS v3.1: 10.0 (Critical)
  • CWE: CWE-288
  • Attack Vector: Network
  • Privileges Required: None
  • Exploit Status: Theoretical (No Public PoC)

Affected Systems

  • Cisco Secure Firewall Management Center (FMC) Software
  • Cisco Secure Firewall Management Center: 7.0.x (Fixed in: See Vendor)
  • Cisco Secure Firewall Management Center: 7.2.0 - 7.2.10.2 (Fixed in: 7.2.11)
  • Cisco Secure Firewall Management Center: 7.4.0 - 7.4.3 (Fixed in: 7.4.4)
  • Cisco Secure Firewall Management Center: 7.6.0 - 7.6.3 (Fixed in: 7.6.4)
  • Cisco Secure Firewall Management Center: 7.7.0 - 7.7.11 (Fixed in: 7.7.12)

Mitigation Strategies

  • Upgrade to a fixed software release immediately.
  • Isolate the FMC management interface to a trusted, out-of-band management network.
  • Restrict access to the FMC management port (typically 443) to authorized IP addresses only via an upstream firewall.

Remediation Steps:

  1. Log in to the Cisco Software Central portal.
  2. Identify the appropriate release for your deployment (e.g., 7.2.11, 7.4.4, or 7.7.12).
  3. Download the update package.
  4. Back up the current FMC configuration.
  5. Apply the patch and reboot the appliance.
  6. Verify the version number post-reboot to ensure the update was successful.

References

Read the full report for CVE-2026-20079 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)