By Kevin Poireault
Publication Date: 2026-03-05 10:30:00
Networking giant Cisco has released 25 joint security advisories covering security patches for 48 vulnerabilities in across its Secure Firewall Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Secure Firewall Threat Defense (FTD) software products.
The security advisories were published on March 4 and are included in a bundled publication.
The most critical flaws, CVE-2026-20079 and CVE-2026-20131, have a maximum severity (CVSS) rating of 10. Both affect Cisco Secure FMC software.
CVE-2026-20079 is an authentication bypass vulnerability. Due to an improper system process that is created at boot time, an attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. If the exploit is successful, the attacker could execute a variety of scripts and commands that allow root access to the device.
CVE-2026-20131 is a remote code execution (RCE) vulnerability. Due to insecure deserialization of a user-supplied Java byte…
