By Abinaya
Publication Date: 2026-03-05 10:59:00
Cisco has issued an urgent security advisory for a critical vulnerability affecting its Secure Firewall Management Center (FMC) software.
This flaw, rated with the maximum possible CVSS score of 10.0, allows remote, unauthenticated attackers to execute arbitrary code and gain complete root-level control over the affected system. The vulnerability exists in the web-based management interface of Cisco Secure FMC.
The flaw stems from insecure deserialization of a user-supplied Java byte stream, allowing attackers to send a specially crafted serialized Java object to the web interface to exploit it
If successful, the exploit allows the attacker to run arbitrary Java code on the underlying operating system. Because the code executes with root-level privileges, the attacker could gain total control over the management device.
