CVE-2026-20079
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.0 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.0.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.1.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.2.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.3 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.4 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.5 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.6 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.6.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.6.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.6.3 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.7 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.8 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.0.8.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.1.0 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.1.0.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.1.0.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.1.0.3 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.0 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.0.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.3 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.3.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.4 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.4.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.5 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.5.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.6 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.7 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.5.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.8 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.8.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.9 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.10 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.10.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.2.10.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.3.0 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.3.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.3.1.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.3.1.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.0 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.1.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.2.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.2.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.2.3 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.2.4 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.4.3 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.6.0 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.6.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.6.2 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.6.2.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.6.3 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.7.0 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.7.10 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.7.10.1 | affected |
| Cisco | Cisco Secure Firewall Management Center (FMC) | 7.7.11 | affected |
Weaknesses
- CWE-288: Authentication Bypass Using an Alternate Path or Channel
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.