Vulnerability Analysis
Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability

CVE-2026-20131

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

CISA KEV
CVSS Base Score: 10.0 (CRITICAL)
Exploitability: 3.9
Impact Score: 6.1
Temporal Score: -
EPSS: 27.55%

Threat Intelligence Signals

CISA KEV: YES
KEV Date Added: 2026-03-19
Ransomware Use: Known
KEV Due Date: 2026-03-22
VulnCheck In-the-Wild: No
Nuclei Template: No
EPSS Score: 27.551%
EPSS Percentile: 97.8th pct
GitHub Severity: CRITICAL

Identity & Timeline

Status: -
Assigning Authority: -
CVSS Version / Source: -
Reserved: -
Published: -
Patch Date (date_public): -
Exploit DB Date: -
First GitHub PoC Date: -
Last Updated: -
Time to Patch (Days to fix): -
Exploit Release Gap: -
PoC Release Gap: -
Exploit DB References: None identified

Affected Products & Versions

Vendor Product Affected Versions
No affected products specified.

References

No reference links found.
