Loading…

Cookies and privacy

We use strictly necessary cookies to run the site. With your permission we also load Vercel Web Analytics and Speed Insights to measure traffic and performance in aggregate. See our Cookie Policy and Privacy Policy.

CVE-2026-20131: Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability · Scorifya

CVE detail

CVE-2026-20131: Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

Source: CISA Known Exploited Vulnerabilities catalog · back to feed

Vendor / product

Cisco · Secure Firewall Management Center (FMC)

Date added (KEV): Mar 19, 2026
CISA due date: Mar 22, 2026
Ransomware campaign use: Known

Required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vendor fix: Vendor advisory

Scorifya interpretation

AI-generated

A short, structured read of the record above — generated when this page first loads, then cached for a week.

Plain English

Technical detail

From CISA

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh ; https://nvd.nist.gov/vuln/detail/CVE-2026-20131

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJhVendor Advisory
https://aws.amazon.com/blogs/security/amazon-threat-intelligence-teams-identify-interlock-ransomware-campaign-targeting-enterprise-firewalls/Technical Description
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20131US Government Resource

Other recent CVEs from Cisco

CVE-2026-20182Catalyst SD-WAN — Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
CVE-2026-20122Catalyst SD-WAN Manger — Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
CVE-2026-20128Catalyst SD-WAN Manager — Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
CVE-2026-20133Catalyst SD-WAN Manager — Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
CVE-2022-20775SD-WAN — Cisco SD-WAN Path Traversal Vulnerability

Check your domain's public posture

Scorifya doesn't test for specific CVEs, but if patching Cisco changed your headers or TLS, a fresh hardening scan helps confirm nothing regressed externally.

Run a free scan Methodology