Cisco has released a security update to address the biggest security flaws in the Secure Firewall Management Center (FMC) software, which allows attackers to run arbitrary code on affected systems.
A vulnerability assigned the CVE Identifier CVE-2025-20265 (CVSS score: 10.0) affects the implementation of the RADIUS subsystem that allows uncertified remote attackers to inject any shell commands executed by the device.
The Networking Equipment Major said the issue was due to the lack of proper handling of user input during the authentication phase. As a result, an attacker can send specially created input when entering credentials that are authenticated with the configured RADIUS server.
“A successful exploit allows an attacker to execute commands at a high level of privilege,” the company said in its recommendation on Thursday. “To exploit this vulnerability, Cisco Secure FMC software must be configured for RADIUS authentication with a web-based management interface, SSH management, or both.”
The downside is that if the Cisco Secure FMC software has RADIUS authentication enabled, it releases 7.0.7 and 7.7.0. There is no other workaround than applying the patches provided by the company. Cisco’s Brandon Sakai is believed to have discovered the issue during internal security testing.
In addition to CVE-2025-20265, Cisco has also solved many high-end bugs –
CVE-2025-20217 (CVSS Score: 8.6) – Cisco Secure Firewall Threat Defense Software 3 Service Negative Vulnerability CVE-2025-20222 (CVSS Score: 8.6) – Cisco Secure Firwall Adaptive Security Appliances and Secure Firewall Threat Defense Software CVE-2025-20224, CVE-2025-20225, CVE-2025-20239 (CVSS Score: 8.6) – Cisco iOS, iOS XE, Secure Firewall Adaptive Security Appliance, Secure Firewall Threat Defense Software IKEV2 Negative Vulnerability (CVSS Score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL VPN Rejection Vulnerability Vulnerability CVE-2025-20136 (CVSS Score: 8.6) – CISCO Secure Secure Firewall Adaptive Security Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Threat Defense Appliances and Secure Firewall Defense Software Network Address Address Translation DNS Check Rejection Vulnerability CVE-2025-20263 (CVSS Score: 8.6) CVE-2025-20148 (CVSS Score: 8.5) – Cisco Secure Firewall Management Center Software HTML Injection Vulnerability CVE-2025-20251 (CVSS Score: 8.5) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Software 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software For Firepower 3100 and 4200 Series TLS 1.3 CIPHEN Negative Vulnerability CVE-2025-20244 (CVSS Score: 7.7)
Network appliances are repeatedly caught up in the attacker’s crosshairs, so there is no flaw under aggressive exploitation in the wild, but it is essential that users move quickly to update their instances to the latest version.
Source link
