By Eduard Kovacs
Publication Date: 2026-03-19 08:57:00
A vulnerability patched earlier this month by Cisco in its firewalls has been exploited as a zero-day since at least late January, according to Amazon’s threat intelligence team.
The vulnerability is tracked as CVE-2026-20131 and it affects the Secure Firewall Management Center (FMC) software. The availability of patches was announced on March 4, when Cisco patched dozens of other vulnerabilities in its FMC, ASA, and Secure FTD products.
CVE-2026-20131 impacts the web-based management interface of FMC software and it can be exploited by a remote, unauthenticated attacker to execute arbitrary Java code with root privileges.
Cisco noted at the time of disclosure that not exposing the FMC management interface to the internet reduces the vulnerability’s attack surface.
[ Read: Only 4 Corporate Giants Still Silent on Oracle EBS Hack ]
An investigation by Amazon researchers found evidence that the Interlock cybercrime group, known for several high-profile…
