Cisco has released security updates to fix two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow remote, unauthenticated attackers to gain root access or run arbitrary code. The flaws—an authentication bypass (CVE-2026-20079) and a remote code execution via serialized Java objects (CVE-2026-20131)—have been patched and Cisco PSIRT reports no current evidence of active exploitation or published proof-of-concept code at this time. #CVE202620079 #CVE202620131
Keypoints
- Cisco issued patches for two maximum-severity vulnerabilities in Secure Firewall Management Center (FMC).
- Both flaws can be exploited remotely by unauthenticated attackers to obtain root-level access or execute arbitrary code.
- CVE-2026-20079 is an authentication bypass that can lead to root shell access on affected devices.
- CVE-2026-20131 is a remote code execution via a crafted serialized Java object and also affects Cisco Security Cloud Control (SCC) Firewall Management.
- Cisco PSIRT reports no evidence of active exploitation or published PoCs, and the company also patched dozens of other related vulnerabilities.