Cisco has taken significant steps to enhance the security of its enterprise networking products by releasing patches for 50 vulnerabilities, including critical issues in its Firewall ASA, Secure FMC, and Secure FTD appliances. This comprehensive update, announced on Wednesday, aims to address potential security threats across a wide range of their products.
Critical Vulnerabilities Revealed
The March 2026 security bulletin from Cisco includes details of 25 advisories, with two highlighting critical-severity flaws. One such flaw, CVE-2026-20079, which holds a perfect CVSS score of 10/10, involves an authentication bypass in the Cisco Secure FMC software’s web interface. Exploiting this vulnerability allows attackers to execute arbitrary scripts and gain root access to the operating system.
This security issue arises from an improper system process initiated during boot. Attackers can exploit this flaw by sending specially crafted HTTP requests, potentially gaining complete control over affected devices.
Web Interface Security Concerns
Another critical vulnerability, CVE-2026-20131, also with a CVSS score of 10/10, impacts the Secure FMC software. This flaw allows attackers to execute Java code with root privileges due to insecure deserialization of a user-supplied Java byte stream. By sending malicious serialized objects, attackers can exploit this weakness to execute arbitrary code and elevate their privileges to root.
However, Cisco notes that the risk of exploitation is reduced for FMC management interfaces that are not exposed to the internet, providing some level of security buffer for these interfaces.
Additional Vulnerabilities and User Recommendations
Alongside the critical issues, Cisco has also patched nine high-severity vulnerabilities in its ASA Firewall, Secure FMC, and Secure FTD appliances. These vulnerabilities could potentially enable attackers to conduct SQL injection attacks, initiate denial-of-service conditions, and manipulate sensitive files.
The remaining vulnerabilities in Cisco’s announcement pertain to medium-severity issues, including those found in Webex and ClamAV. Cisco urges users to implement these updates promptly to safeguard their systems against potential threats.
Currently, Cisco reports that there are no known incidents of these vulnerabilities being exploited in the wild. Nevertheless, the company strongly advises users to apply the patches to protect their networks from possible exploitation.
For further details, users are encouraged to visit Cisco’s security advisories page to ensure all necessary updates are applied to their systems.
