← ExploitWatch
HomeExploited Vulnerabilities

CVE-2026-20131 — Actively Exploited: Secure Firewall Management Center (FMC) (Cisco)

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected dev

CVE IDCVE-2026-20131
VendorCisco
ProductSecure Firewall Management Center (FMC)
Vulnerability nameCisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewa
Date added2026-03-19
Remediation due2026-03-22
Known ransomware useKnown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionCisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →