CISA urgent mitigation order for Cisco FMC CVE-2026-20131
Advisory/Mitigation
Summary
Hide ▲
Show ▼
CISA ordered federal civilian agencies to patch CVE-2026-20131 in Cisco Secure Firewall Management Center (FMC) within three days or discontinue use if mitigations are unavailable. The directive responds to an actively exploited critical RCE that can let an unauthenticated attacker run code as root on affected devices. CISA placed the vulnerability in its KEV catalog on Thursday 19 March, signaling urgent exposure across government deployments.
Cases
Related Happenings
CISA sets June 28 patch deadline for Cisco Unified Communications Manager Server
Public Sector Action
H score35
First: 26.06.2026 22:43
Last: 26.06.2026 22:43
Sources 1
About this happening:
CISA ordered **federal agencies** to patch **CVE-2026-20230** in **Cisco Unified Communications Manager Server** by **June 28**, tightening exposure around an **actively exploited...
CISA sets June 28 patch deadline for Cisco Unified Communications Manager Server
Public Sector ActionAbout this happening: CISA ordered **federal agencies** to patch **CVE-2026-20230** in **Cisco Unified Communications Manager Server** by **June 28**, tightening exposure around an **actively exploited...
CISA adds CVE-2026-12569 to KEV for PTC Windchill and FlexPLM
Public Sector Action
H score46
First: 26.06.2026 15:31
Last: 26.06.2026 15:31
Sources 1
About this happening:
CISA **added CVE-2026-12569** to the **KEV catalog** after finding **active exploitation** of **PTC Windchill PDMlink** and **PTC FlexPLM**, elevating the flaw to a federal remedi...
CISA adds CVE-2026-12569 to KEV for PTC Windchill and FlexPLM
Public Sector ActionAbout this happening: CISA **added CVE-2026-12569** to the **KEV catalog** after finding **active exploitation** of **PTC Windchill PDMlink** and **PTC FlexPLM**, elevating the flaw to a federal remedi...
CISA KEV remediation order for CVE-2026-48907
Public Sector Action
H score89
First: 17.06.2026 08:50
Last: 17.06.2026 08:50
Sources 1
About this happening:
CISA added **CVE-2026-48907** to the **KEV catalog** and ordered **FCEB agencies** to apply fixes by **June 19, 2026**, forcing federal remediation of an **actively exploited** Jo...
CISA KEV remediation order for CVE-2026-48907
Public Sector ActionAbout this happening: CISA added **CVE-2026-48907** to the **KEV catalog** and ordered **FCEB agencies** to apply fixes by **June 19, 2026**, forcing federal remediation of an **actively exploited** Jo...
CISA adds CVE-2026-20262 to KEV and orders federal fixes
Public Sector Action
H score32
First: 16.06.2026 09:05
Last: 16.06.2026 09:05
Sources 1
About this happening:
**CISA** added **CVE-2026-20262** to its **Known Exploited Vulnerabilities (KEV) catalog** and required **Federal Civilian Executive Branch (FCEB)** agencies to apply Cisco's fixe...
CISA adds CVE-2026-20262 to KEV and orders federal fixes
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-20262** to its **Known Exploited Vulnerabilities (KEV) catalog** and required **Federal Civilian Executive Branch (FCEB)** agencies to apply Cisco's fixe...
CISA KEV update and FCEB remediation deadline
Public Sector Action
H score33
First: 10.06.2026 17:44
Last: 10.06.2026 17:44
Sources 1
About this happening:
**CISA** added **three actively exploited vulnerabilities** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate by **June 23, 2026**. Th...
CISA KEV update and FCEB remediation deadline
Public Sector ActionAbout this happening: **CISA** added **three actively exploited vulnerabilities** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate by **June 23, 2026**. Th...
Timeline
-
23.03.2026 12:30 1 articles · 3mo ago
Interlock exploits Cisco FMC CVE-2026-20131
Exploitation ObservedInterlock ransomware actors are reported to have exploited CVE-2026-20131 in attacks against Cisco Secure Firewall Management Center (FMC) starting January 26, using the web-based management interface to gain initial access before post-exploitation activity.
Show sources
- CISA Orders US Government to Patch Maximum Severity Cisco Flaw — www.infosecurity-magazine.com — 23.03.2026 12:30
-
23.03.2026 12:30 1 articles · 3mo ago
Cisco patches CVE-2026-20131 in FMC
Mitigation Patch UpdateCisco patches the critical unauthenticated remote code execution flaw in Cisco Secure Firewall Management Center (FMC) on March 4 after reports that the Interlock ransomware group had been exploiting it as a zero day for several months.
Show sources
- CISA Orders US Government to Patch Maximum Severity Cisco Flaw — www.infosecurity-magazine.com — 23.03.2026 12:30
-
23.03.2026 12:30 2 articles · 3mo ago
CISA adds CVE-2026-20131 to KEV
Legal Policy Action UpdateCISA adds CVE-2026-20131 to its Known Exploited Vulnerabilities (KEV) catalog on Thursday 19 March and gives federal civilian agencies three days to patch Cisco Secure Firewall Management Center (FMC) or discontinue use if mitigations are unavailable, warning that the CVE is known to be used in ransomware campaigns.
Show sources
- CISA Orders US Government to Patch Maximum Severity Cisco Flaw — www.infosecurity-magazine.com — 23.03.2026 12:30
- CISA Orders US Government to Patch Maximum Severity Cisco Flaw — www.infosecurity-magazine.com — 23.03.2026 12:30
-
23.03.2026 12:30 1 articles · 3mo ago
CISA urgent patch order for federal civilian agencies
Initial DisclosureCISA tells federal civilian agencies to patch CVE-2026-20131 in Cisco Secure Firewall Management Center (FMC) after the flaw is described as a critical remote code execution issue that can let an unauthenticated remote attacker execute arbitrary Java code as root on an affected device.
Show sources
- CISA Orders US Government to Patch Maximum Severity Cisco Flaw — www.infosecurity-magazine.com — 23.03.2026 12:30