[Security Vulnerability Alert] Two critical cybersecurity vulnerabilities exist in Cisco firewall systems.

 
2026/3/10 ~ 2026/9/10

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202603-00000004

[Content Description]
Cisco Secure Firewall Management Center (FMC) is a centralized management platform used for unified management and monitoring of Cisco firewall products. It provides a complete threat defense view and supports policy formulation, incident analysis, traffic monitoring, and device configuration. Cisco recently released a major cybersecurity advisory.

【CVE-2026-20131, CVSS: 10.0】 This vulnerability exists in the FMC web management interface. An unauthenticated remote attacker could execute arbitrary Java code as root.

【CVE-2026-20079, CVSS: 10.0】 This vulnerability exists in the FMC web management interface. An unauthenticated remote attacker could bypass authentication and execute scripts on affected devices, thereby gaining root access to the underlying operating system.

[Affected Platforms]
Cisco Secure Firewall Management Center (FMC) versions 6.4.0.13, 6.4.0.14, 6.4.0.15, 6.4.0.16, 6.4.0.17, 6.4.0.18, 7.0.0, 7.0.0.1, 7.0.1, 7.0.1.1, 7.0.2, 7.0.2.1, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.6.1, 7.0.6.2, 7.0.6.3, 7.0.7, 7.0.8, 7.0.8.1, 7.1.0, 7.1.0.1, 7.1.0.2, 7.1.0.3, 7.2.0, 7.2.1, 7.2.2, 7.2.0.1, 7.2.3, 7.2.3.1, 7.2.4, 7.2.4.1, 7.2.5, 7.2.5.1, 7.2.6, 7.2.7, 7.2.5.2, 7.2.8, 7.2.8.1, 7.2.9, 7.2.10, 7.2.10.2, 7.2.10.1, 7.3.0, 7.3.1, 7.3.1.1, 7.3.1.2, 7.4.0, 7.4.1, 7.4.1.1, 7.4.2, 7.4.2.1, 7.4.2.2, 7.4.2.3, 7.4.2.4, 7.4.3, 7.4.4, 7.4.5, 7.6.0, 7.6.1, 7.6.2, 7.6.2.1, 7.6.3, 7.6.4, 7.7.0, 7.7.10, 7.7.10.1, 7.7.11, and 10.0.0

[Recommended Actions]
Apply the patches described in the official Cisco advisories:
【CVE-2026-20131】 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh

【CVE-2026-20079】 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2

[References]
1. https://www.twcert.org.tw/tw/cp-169-10747-660ee-1.html
