← back
CVE-2026-20044

Cisco Secure Firewall Management Center Command Injection Vulnerability

CVSS 6 MEDIUMEPSS 0.1%CWE-269
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
04 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, local attacker to perform arbitrary commands as root. This vulnerability is due to insufficient restrictions on remediation modules while in lockdown mode. An attacker could exploit this vulnerability by sending crafted input to the system CLI of the affected device. A successful exploit could allow the attacker to run arbitrary commands or code as root, even when the system is in lockdown mode. To exploit this vulnerability, the attacker must have valid administrative credentials.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N