CISA orders feds to patch max-severity Cisco flaw by Sunday

By Bill Toulas
Publication Date: 2026-03-20 15:09:00

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22.

Cisco published a security bulletin about the flaw on March 4, urging system administrators to apply the security updates as soon as possible and warning that no workarounds are available.

Cisco Secure Firewall Management Center (FMC) is a centralized administration system for critical Cisco network security appliances and services, such as firewalls, application control, intrusion prevention, URL filtering, and malware protection.

“A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device,” Cisco says in the advisory.

The issue is caused by insecure deserialization of a user-supplied Java byte…