CVE-2026-20131

CRITICAL CISA KEV EPSS 97.8%
Published Mar 4, 20263mo ago · Modified Mar 25, 20263mo ago
10.0 CVSS 3.1
Critical
Find Similar
Published Mar 4, 2026 3mo ago
Last Modified Mar 25, 2026 3mo ago
KEV Listed Mar 19, 2026 3mo ago
KEV Due Mar 22, 2026 100d overdue

Description

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

CVSS Details

Base Score
10.0
Exploitability
3.9
Impact
6.0
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality High
Integrity High
Availability High

Threat Intelligence

CISA Known Exploited Overdue 100d
Added
Mar 19, 2026
Due
Mar 22, 2026

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

EPSS Exploit Probability
97.8% percentile
Exploit & Patch Status
Actively Exploited (KEV)
No Patch Available

Weaknesses 1

CWE-502 Deserialization of Untrusted Data Validation

Affected Products 71

VendorProductVersionRange
ciscosecure_firewall_management_center6.4.0.13any
ciscosecure_firewall_management_center6.4.0.14any
ciscosecure_firewall_management_center6.4.0.15any
ciscosecure_firewall_management_center6.4.0.16any
ciscosecure_firewall_management_center6.4.0.17any
ciscosecure_firewall_management_center6.4.0.18any
ciscosecure_firewall_management_center7.0.0any
ciscosecure_firewall_management_center7.0.0.1any
ciscosecure_firewall_management_center7.0.1any
ciscosecure_firewall_management_center7.0.1.1any
ciscosecure_firewall_management_center7.0.2any
ciscosecure_firewall_management_center7.0.2.1any
ciscosecure_firewall_management_center7.0.3any
ciscosecure_firewall_management_center7.0.4any
ciscosecure_firewall_management_center7.0.5any
ciscosecure_firewall_management_center7.0.6any
ciscosecure_firewall_management_center7.0.6.1any
ciscosecure_firewall_management_center7.0.6.2any
ciscosecure_firewall_management_center7.0.6.3any
ciscosecure_firewall_management_center7.0.7any
ciscosecure_firewall_management_center7.0.8any
ciscosecure_firewall_management_center7.0.8.1any
ciscosecure_firewall_management_center7.1.0any
ciscosecure_firewall_management_center7.1.0.1any
ciscosecure_firewall_management_center7.1.0.2any
ciscosecure_firewall_management_center7.1.0.3any
ciscosecure_firewall_management_center7.2.0any
ciscosecure_firewall_management_center7.2.0.1any
ciscosecure_firewall_management_center7.2.1any
ciscosecure_firewall_management_center7.2.2any
ciscosecure_firewall_management_center7.2.3any
ciscosecure_firewall_management_center7.2.3.1any
ciscosecure_firewall_management_center7.2.4any
ciscosecure_firewall_management_center7.2.4.1any
ciscosecure_firewall_management_center7.2.5any
ciscosecure_firewall_management_center7.2.5.1any
ciscosecure_firewall_management_center7.2.5.2any
ciscosecure_firewall_management_center7.2.6any
ciscosecure_firewall_management_center7.2.7any
ciscosecure_firewall_management_center7.2.8any
ciscosecure_firewall_management_center7.2.8.1any
ciscosecure_firewall_management_center7.2.9any
ciscosecure_firewall_management_center7.2.10any
ciscosecure_firewall_management_center7.2.10.1any
ciscosecure_firewall_management_center7.2.10.2any
ciscosecure_firewall_management_center7.3.0any
ciscosecure_firewall_management_center7.3.1any
ciscosecure_firewall_management_center7.3.1.1any
ciscosecure_firewall_management_center7.3.1.2any
ciscosecure_firewall_management_center7.4.0any
ciscosecure_firewall_management_center7.4.1any
ciscosecure_firewall_management_center7.4.1.1any
ciscosecure_firewall_management_center7.4.2any
ciscosecure_firewall_management_center7.4.2.1any
ciscosecure_firewall_management_center7.4.2.2any
ciscosecure_firewall_management_center7.4.2.3any
ciscosecure_firewall_management_center7.4.2.4any
ciscosecure_firewall_management_center7.4.3any
ciscosecure_firewall_management_center7.4.4any
ciscosecure_firewall_management_center7.4.5any
ciscosecure_firewall_management_center7.6.0any
ciscosecure_firewall_management_center7.6.1any
ciscosecure_firewall_management_center7.6.2any
ciscosecure_firewall_management_center7.6.2.1any
ciscosecure_firewall_management_center7.6.3any
ciscosecure_firewall_management_center7.6.4any
ciscosecure_firewall_management_center7.7.0any
ciscosecure_firewall_management_center7.7.10any
ciscosecure_firewall_management_center7.7.10.1any
ciscosecure_firewall_management_center7.7.11any
ciscosecure_firewall_management_center10.0.0any

References 3

  • aws.amazon.com https://aws.amazon.com/blogs/security/amazon-threat-intelligence-teams-identify-interlock-ransomware-campaign-targeting-enterprise-firewalls/
    Technical Description
  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
    Vendor Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20131
    US Government Resource

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.