CVE-2026-20079 - Vulnerability Details

- Authentication Bypass in Cisco FMC Allows Root Access

Description

A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system.

This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.

Published: 2026-03-04

Score: 10 Critical

EPSS: 11.8% Moderate

KEV: No

Impact:

Action:

Analysis

Impact

A flaw in the web interface of Cisco Secure Firewall Management Center creates an improper system process at boot time, enabling an attacker to send crafted HTTP requests that bypass authentication and execute scripts with root privileges. This vulnerability is a CWE‑288 improper authorization flaw, permitting an unauthenticated user to gain full control over the firewall device.

Affected Systems

The affected product is Cisco Secure Firewall Management Center (FMC) software. Specific affected versions are not disclosed in the advisory and should be verified against Cisco’s Security Advisory for the latest revision.

Risk and Exploitability

With a CVSS score of 10 and an EPSS score of 12%, the vulnerability poses a high risk of exploitation in environments where the FMC web interface is exposed to untrusted networks. It is not listed in the CISA Known Exploited Vulnerabilities catalog. The likely attack vector is remote via crafted HTTP requests to the FMC management interface, requiring unauthenticated access and no additional privileges.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco Secure Firewall Management Center (FMC)

affected

Version	Status	Constraints
`7.0.0`	affected	—
`7.0.0.1`	affected	—
`7.0.1`	affected	—
`7.0.1.1`	affected	—
`7.0.2`	affected	—
`7.0.2.1`	affected	—
`7.0.3`	affected	—
`7.0.4`	affected	—
`7.0.5`	affected	—
`7.0.6`	affected	—
`7.0.6.1`	affected	—
`7.0.6.2`	affected	—
`7.0.6.3`	affected	—
`7.0.7`	affected	—
`7.0.8`	affected	—
`7.0.8.1`	affected	—
`7.1.0`	affected	—
`7.1.0.1`	affected	—
`7.1.0.2`	affected	—
`7.1.0.3`	affected	—
`7.2.0`	affected	—
`7.2.1`	affected	—
`7.2.2`	affected	—
`7.2.0.1`	affected	—
`7.2.3`	affected	—
`7.2.3.1`	affected	—
`7.2.4`	affected	—
`7.2.4.1`	affected	—
`7.2.5`	affected	—
`7.2.5.1`	affected	—
`7.2.6`	affected	—
`7.2.7`	affected	—
`7.2.5.2`	affected	—
`7.2.8`	affected	—
`7.2.8.1`	affected	—
`7.2.9`	affected	—
`7.2.10`	affected	—
`7.2.10.2`	affected	—
`7.2.10.1`	affected	—
`7.3.0`	affected	—
`7.3.1`	affected	—
`7.3.1.1`	affected	—
`7.3.1.2`	affected	—
`7.4.0`	affected	—
`7.4.1`	affected	—
`7.4.1.1`	affected	—
`7.4.2`	affected	—
`7.4.2.1`	affected	—
`7.4.2.2`	affected	—
`7.4.2.3`	affected	—
`7.4.2.4`	affected	—
`7.4.3`	affected	—
`7.6.0`	affected	—
`7.6.1`	affected	—
`7.6.2`	affected	—
`7.6.2.1`	affected	—
`7.6.3`	affected	—
`7.7.0`	affected	—
`7.7.10`	affected	—
`7.7.10.1`	affected	—
`7.7.11`	affected	—

No data.

Vendor Product Confidence Versions

Cisco

Secure Firewall Management Center

88%

Version	Status	Scheme	Platform
`7.0.0`	affected	semver	—
`7.0.0.1`	affected	generic	—
`7.0.1`	affected	semver	—
`7.0.1.1`	affected	generic	—
`7.0.2`	affected	semver	—
`7.0.2.1`	affected	generic	—
`7.0.3`	affected	semver	—
`7.0.4`	affected	semver	—
`7.0.5`	affected	semver	—
`7.0.6`	affected	semver	—
`7.0.6.1`	affected	generic	—
`7.0.6.2`	affected	generic	—
`7.0.6.3`	affected	generic	—
`7.0.7`	affected	semver	—
`7.0.8`	affected	semver	—
`7.0.8.1`	affected	generic	—
`7.1.0`	affected	semver	—
`7.1.0.1`	affected	generic	—
`7.1.0.2`	affected	generic	—
`7.1.0.3`	affected	generic	—
`7.2.0`	affected	semver	—
`7.2.1`	affected	semver	—
`7.2.2`	affected	semver	—
`7.2.0.1`	affected	generic	—
`7.2.3`	affected	semver	—
`7.2.3.1`	affected	generic	—
`7.2.4`	affected	semver	—
`7.2.4.1`	affected	generic	—
`7.2.5`	affected	semver	—
`7.2.5.1`	affected	generic	—
`7.2.6`	affected	semver	—
`7.2.7`	affected	semver	—
`7.2.5.2`	affected	generic	—
`7.2.8`	affected	semver	—
`7.2.8.1`	affected	generic	—
`7.2.9`	affected	semver	—
`7.2.10`	affected	semver	—
`7.2.10.2`	affected	generic	—
`7.2.10.1`	affected	generic	—
`7.3.0`	affected	semver	—
`7.3.1`	affected	semver	—
`7.3.1.1`	affected	generic	—
`7.3.1.2`	affected	generic	—
`7.4.0`	affected	semver	—
`7.4.1`	affected	semver	—
`7.4.1.1`	affected	generic	—
`7.4.2`	affected	semver	—
`7.4.2.1`	affected	generic	—
`7.4.2.2`	affected	generic	—
`7.4.2.3`	affected	generic	—
`7.4.2.4`	affected	generic	—
`7.4.3`	affected	semver	—
`7.6.0`	affected	semver	—
`7.6.1`	affected	semver	—
`7.6.2`	affected	semver	—
`7.6.2.1`	affected	generic	—
`7.6.3`	affected	semver	—
`7.7.0`	affected	semver	—
`7.7.10`	affected	semver	—
`7.7.10.1`	affected	generic	—
`7.7.11`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the vendor’s latest FMC patch or upgrade to the newest release that addresses the authentication bypass flaw.
Restrict external access to the FMC web interface to trusted IP ranges, enforce HTTPS, and disable unused management ports.
Monitor and alert on unexpected HTTP requests or authentication failures to detect abuse early.

Generated by OpenCVE AI on May 6, 2026 at 16:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.11828.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2

History

Wed, 06 May 2026 16:45:00 +0000

Type	Values Removed	Values Added
Title		Authentication Bypass in Cisco FMC Allows Root Access

Sat, 02 May 2026 08:45:00 +0000

Type	Values Removed	Values Added
Title	Authentication Bypass in Cisco Secure Firewall Management Center Web Interface

Wed, 29 Apr 2026 01:15:00 +0000

Type	Values Removed	Values Added
Title		Authentication Bypass in Cisco Secure Firewall Management Center Web Interface

Wed, 22 Apr 2026 04:00:00 +0000

Type	Values Removed	Values Added
Title	Unauthenticated Authentication Bypass in Cisco Secure Firewall Management Center Leading to Root Access

Thu, 16 Apr 2026 13:45:00 +0000

Type	Values Removed	Values Added
Title		Unauthenticated Authentication Bypass in Cisco Secure Firewall Management Center Leading to Root Access

Thu, 05 Mar 2026 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 05 Mar 2026 09:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco secure Firewall Management Center
Vendors & Products		Cisco Cisco secure Firewall Management Center

Wed, 04 Mar 2026 17:30:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.
Weaknesses		CWE-288
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2
Metrics		cvssV3_1 `{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}`

Subscriptions

Cisco Secure Firewall Management Center

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2026-03-04T17:17:35.838Z

Updated: 2026-03-05T14:06:33.865Z

Reserved: 2025-10-08T11:59:15.363Z

Link: CVE-2026-20079

Vulnrichment

Updated: 2026-03-05T14:06:30.378Z

NVD

Status : Awaiting Analysis

Published: 2026-03-04T18:16:24.230

Modified: 2026-03-05T19:39:11.967

Link: CVE-2026-20079

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T16:30:06Z

Weaknesses

CWE-288

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object