CVE-2026-20079

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Management Center (FMC) (affected versions not specified)

Description A flaw in the web interface of Cisco Secure Firewall Management Center (FMC) Software allows an unauthenticated remote attacker to bypass authentication and execute script files to gain root access to the underlying operating system. This issue stems from an improper system process created during boot time. Exploitation occurs by sending crafted HTTP requests to the device. Technical analysis indicates the use of Java Byte-Stream via HTTP POST requests to trigger a deserialization process, where the readObject() method initiates a gadget chain involving LazyMap and InvokerTransformer, ultimately leading to the execution of the exec() command with root privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.