CVE-2026-20002

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Management Center (FMC) (affected versions not specified)

Description A flaw exists in the web-based management interface of Cisco Secure FMC Software that could permit an authenticated, remote attacker to perform SQL injection attacks. This issue stems from insufficient validation of user-supplied input. An attacker could leverage this by transmitting specially crafted requests to a vulnerable device. A successful exploit may grant the attacker complete database access and the ability to read specific files on the underlying operating system. Valid user credentials are required for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.