A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.
This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root.
Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
References
History
Wed, 04 Mar 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced. | |
| Weaknesses | CWE-502 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published:
Updated: 2026-03-04T17:17:56.008Z
Reserved: 2025-10-08T11:59:15.380Z
Link: CVE-2026-20131
Vulnrichment
No data.
NVD
Status : Received
Published: 2026-03-04T18:16:27.153
Modified: 2026-03-04T18:16:27.153
Link: CVE-2026-20131
Redhat
No data.
OpenCVE Enrichment
No data.