CVE-2026-20131CRITICAL 10.0CISA KEVEPSS p97.8%

CVE-2026-20131Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

Cisco / Secure Firewall Management Center (FMC)

Description

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.

Scoring

CVSS 3.110.0 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS27.55% probability of exploitation · percentile 97.8% · 2026-06-18T12:00:27Z
Published2026-03-04
Last modified2026-03-25

CISA KEV entry

Added to KEV: 2026-03-19

Underlying weaknesses· 1

CWE-502

References

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
  2. https://aws.amazon.com/blogs/security/amazon-threat-intelligence-teams-identify-interlock-ransomware-campaign-targeting-enterprise-firewalls/
  3. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20131

1

TypeTargetConfidenceTier
WeaknessDeserialization of Untrusted Datacwe-5020%live

(incoming)1

TypeTargetConfidenceTier
KEVEntryCisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerabilitykev-cve-2026-201310%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-20079
CVE
CVE-2026-20002
CVE
Cisco Secure Access Control System Java Deserialization Vulnerability
CVE
CVE-2025-20148
CVE
CVE-2025-20265
CVE
SonicWall SMA1000 Appliances Deserialization Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.