Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

By Pierluigi Paganini
Publication Date: 2026-03-04 22:10:00

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

Pierluigi Paganini
March 04, 2026

Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls.

Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall Management Center (FMC) is a centralized management platform for Cisco firewalls.

It lets administrators configure, monitor, and control multiple firewalls from a single web or SSH interface. Through FMC, teams can manage policies for intrusion prevention (IPS), application control, URL filtering, advanced malware protection, logging, reporting, and overall network security posture across their environment.

The first vulnerability, tracked as CVE-2026-20079 (CVSS score of 10.0), is an authentication bypass…