PT-2026-22976 · Cisco · Cisco Secure Firewall Management Center (FMC)
Jason Crowder · Published 2026-03-04 · Updated 2026-03-04 · CVE-2026-20044
CVSS v3.1: 6.0 (Medium)
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Secure Firewall Management Center (FMC) Software (affected versions not specified)
Description
A flaw exists in the lockdown mechanism of the software that may allow a local attacker with valid administrative credentials to execute arbitrary commands as root. The issue stems from inadequate restrictions on remediation modules when the system is in lockdown mode. Exploitation involves sending crafted input to the system command-line interface (CLI). A successful exploit could enable an attacker to run arbitrary commands or code with root privileges, even while the system is in lockdown.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Privilege Management
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Secure Firewall Management Center (FMC)