Interlock Group Exploiting The CISCO FMC Flaw CVE-2026-20131 36 Days Before Disclosure

By Pierluigi Paganini
Publication Date: 2026-03-19 09:22:00

Table of Contents

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

Pierluigi Paganini
March 19, 2026

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January.

The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January.

The vulnerability is a remote code execution flaw that resides in Cisco Secure FMC’s web interface and allows unauthenticated remote attackers to exploit insecure Java deserialization and execute arbitrary code as root by sending a crafted serialized object.

“A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an…

Facebook
Twitter
Pinterest
LinkedIn
Digg
Tumblr
Reddit
Buffer
Blogger
Newsvine
HackerNews
Flipboard
Share
LiveJournal
Yammer
Mix
Instapaper
Copy Link
Mastodon

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January.

Related Posts