PT-2026-22978 · Cisco · Cisco Secure Firewall Management Center (FMC)

Brandon Sakai · Published 2026-03-04 · Updated 2026-03-05 · CVE-2026-20079

CVSS v3.1: 10
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Cisco Secure Firewall Management Center (FMC) Software (affected versions not specified)

Description

A flaw in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on a vulnerable device, which could lead to root access to the underlying operating system. The issue is caused by an improperly configured system process created during startup. An attacker can exploit it by sending specially crafted HTTP requests to the affected device. Successful exploitation allows the attacker to execute scripts and commands, ultimately gaining root access.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Authentication Bypass Using an Alternate Path or Channel

Weakness Enumeration

Related Identifiers

CVE-2026-20079

Affected Products

Cisco Secure Firewall Management Center (FMC)