Critical RCE Vulnerability in Cisco Firewall Management Software Under Active Exploitation
Cisco has disclosed a critical vulnerability in its Secure Firewall Management Center (FMC) Software. The remote code execution (RCE) flaw, CVE-2025-20265, has a maximum CVSS severity score of 10.0. Customers have been urged to apply software updates as soon as possible to avoid potential compromise.
The vulnerability lies in the RADIUS subsystem implementation of Cisco FMC Software. If exploited, it allows an unauthenticated, remote attacker to inject arbitrary shell commands that the device then executes. RADIUS (Remote Authentication Dial-In User Service) is a client/server authentication, authorization and accounting (AAA) protocol that Cisco devices can use to verify user credentials against a central server and record network resource usage; in FMC it is one of the options for externally authenticating administrators who log in to the web-based management interface or over SSH.
“This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level,” the tech giant warned in an advisory dated August 14.
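The advisory text above describes a classic command-injection pattern: a value the user submits at login is handed to the operating system before it has been verified by the RADIUS server, so the attacker never needs a valid password. The following is an added illustration of that bug class, not Cisco's code and not a reproduction of the actual FMC flaw. FMC's real RADIUS code path is not public; `echo` stands in for whatever helper a hypothetical server might shell out to with the submitted username, and the function names and the allow-list regex are assumptions made for the example.

```python
import re
import subprocess

# Illustration of the bug class only. `echo` is a stand-in for a hypothetical
# helper that a server invokes with the submitted username on its way to the
# configured RADIUS server; FMC's real code path is not shown on the page.
USERNAME_RE = re.compile(r"^[A-Za-z0-9._@-]{1,64}$")  # assumed allow-list


def radius_auth_vulnerable(username: str) -> str:
    """Vulnerable pattern: unvalidated user input is interpolated into a single
    shell string, so shell metacharacters in `username` become extra commands
    that run before any credential check has happened."""
    cmd = f"echo radius-auth user={username}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def radius_auth_hardened(username: str) -> str:
    """Hardened pattern: reject anything outside a strict allow-list, then pass
    the value as one discrete argv element with no shell involved. The argv
    form alone removes the injection; the allow-list is defence in depth."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username contains characters outside the allow-list")
    out = subprocess.run(
        ["echo", f"radius-auth user={username}"],
        shell=False, capture_output=True, text=True,
    )
    return out.stdout


def injected(output: str) -> bool:
    """True if the INJECTED marker appears on its own output line, i.e. the
    payload ran as a second command instead of being echoed as data."""
    return "INJECTED" in output.splitlines()


if __name__ == "__main__":
    payload = "alice; echo INJECTED"  # constructed malicious username
    print("vulnerable:", repr(radius_auth_vulnerable(payload)))
    try:
        radius_auth_hardened(payload)
    except ValueError as exc:
        print("hardened rejected payload:", exc)
    print("hardened ok:", repr(radius_auth_hardened("alice")))
```

With the constructed username `alice; echo INJECTED`, the vulnerable function's output carries `INJECTED` on a separate line, proving the second command ran; the hardened function refuses the same value, and even without the regex its argv-based call would pass the whole string to `echo` as a single argument rather than to a shell.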
The bug affects Cisco Secure FMC Software releases 7.0.7 and 7.7.0, but only when RADIUS authentication is enabled for the web-based management interface, SSH management, or both; deployments that authenticate administrators locally or through another external method are not exposed. Administrators can confirm whether a RADIUS external authentication object is enabled under System > Users > External Authentication in the FMC interface, and should treat switching to a different authentication method as a stopgap only until the fixed release is installed.
To read the complete article see: Cisco Critical RCE Flaw in Firewall