Cisco Secure Firewall Management Center RADIUS command injection (CVE-2025-20265)

Vulnerability

First reported

15.08.2025 09:49

Last updated

15.08.2025 09:49

Happening score

H score 25

1 unique sources, 1 articles

Summary

Hide ▲

Cisco has patched CVE-2025-20265, a CVSS 10.0 flaw in Secure Firewall Management Center (FMC) Software that can let an unauthenticated remote attacker execute arbitrary shell commands. The weakness affects the RADIUS subsystem when RADIUS authentication is enabled, putting FMC releases 7.0.7 and 7.7.0 at risk. Cisco said there is no workaround beyond applying the update. The issue was found during internal security testing, and Cisco said it was not actively exploited in the wild at disclosure.

Related Happenings

Cisco ASA and IOS/IOS XE zero-day exploitation wave

Exploitation Wave

First: 25.09.2025 22:22 Last: 25.09.2025 22:22 Sources 1

About this happening: **Cisco** exploitation wave now includes **CVE-2025-20352** in **Cisco IOS Software** and **Cisco IOS XE**, where **Trend Micro** says **Operation Zero Disco** abused the **SNMP s...

Latest development: 16.10.2025 21:13

Trend Micro says attackers in Operation Zero Disco exploited CVE-2025-20352 in older Cisco IOS and IOS XE networking devices, including Cisco 9400, 9300, and legacy 3750G series devices, to deploy a Linux rootkit and gain persistent access; the activity also included attempts to abuse CVE-2017-3881 on Cisco switches lacking endpoint detection response solutions.

Open Happening

Cisco SNMP mitigation guidance for CVE-2025-20352

Advisory/Mitigation

First: 25.09.2025 09:30 Last: 25.09.2025 09:30 Sources 1

About this happening: **Cisco** issued mitigation guidance for **CVE-2025-20352** on **SNMP-enabled IOS and IOS XE systems**, warning administrators to reduce exposure on devices that remain vulnerable...