Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Cisco Secure Firewall Management Center patch release (CVE-2026-20079, CVE-2026-20131)

Security Patch Release
First reported
Last updated
Happening score
H score 60
2 unique sources, 5 articles

Summary

Hide ▲

Cisco Secure Firewall Management Center (FMC) patch release for CVE-2026-20131 and CVE-2026-20079 addressed CVSS 10 flaws that could let an unauthenticated remote attacker gain root or execute arbitrary code on affected devices. Cisco patched the issues on March 4, and later reporting said Interlock ransomware had been exploiting CVE-2026-20131 as a zero-day for months, prompting CISA to order federal civilian agencies to patch by March 22.

Cases

Cisco FMC zero-day exploitation and KEV response (4)

Related Happenings

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Open Happening

Cisco ThousandEyes and Nexus security patches

Security Patch Release
First: 21.05.2026 15:04 Last: 21.05.2026 15:04 Sources 1

About this happening: Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...

Open Happening

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Open Happening

OpenDCIM multi-flaw exploitation wave (CVE-2026-28515, CVE-2026-28516, CVE-2026-28517)

Exploitation Wave
First: 17.05.2026 14:57 Last: 17.05.2026 14:57 Sources 1

About this happening: **openDCIM** is seeing an **active exploitation wave** tied to **CVE-2026-28515**, **CVE-2026-28516**, and **CVE-2026-28517**, with attackers targeting vulnerable installations an...

Open Happening

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Open Happening

Timeline

  1. 20.03.2026 17:09 1 articles · 2mo ago

    CISA orders patching of Cisco FMC CVE-2026-20131

    Legal Policy Action Update

    CISA ordered Federal Civilian Executive Branch (FCEB) agencies to apply security updates for CVE-2026-20131 in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22 after Cisco updated its bulletin on March 18 to warn of active exploitation in the wild. Amazon threat intelligence researchers said Interlock ransomware had been exploiting CVE-2026-20131 as a zero-day since the end of January, and Cisco said the web-based management interface could let an unauthenticated, remote attacker execute arbitrary Java code as root on an affected device.

    Show sources
    Open in new tab
  2. 05.03.2026 12:30 2 articles · 2mo ago

    Cisco releases patches for 48 Secure Firewall vulnerabilities

    Mitigation Patch Update

    Cisco released 25 joint security advisories on March 4, 2026 covering security patches for 48 vulnerabilities across Cisco Secure Firewall Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Secure Firewall Threat Defense (FTD). The bundle includes CVE-2026-20079 and CVE-2026-20131, both CVSS 10 flaws in Cisco Secure FMC software; Cisco said there are no workarounds and urged customers to upgrade to the fixed software indicated in the advisories.

    Show sources
    Open in new tab
  3. 04.03.2026 21:12 2 articles · 2mo ago

    Cisco releases Secure Firewall Management Center security updates

    Mitigation Patch Update

    Cisco released security updates for Secure Firewall Management Center (FMC) to address CVE-2026-20079 and CVE-2026-20131, two maximum-severity flaws that unauthenticated remote attackers could exploit to gain root access or execute arbitrary Java code as root on unpatched devices. Cisco Security Cloud Control (SCC) Firewall Management is also affected by CVE-2026-20131, and Cisco PSIRT says there is no evidence of exploitation or published PoC code.

    Show sources
    Open in new tab