Cisco fixes maximum-severity Secure FMC bugs threatening firewall security
2026-3-4 22:10:6 Author: securityaffairs.com

Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls.

Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall Management Center (FMC) is a centralized management platform for Cisco firewalls.

It lets administrators configure, monitor, and control multiple firewalls from a single web or SSH interface. Through FMC, teams can manage policies for intrusion prevention (IPS), application control, URL filtering, advanced malware protection, logging, reporting, and overall network security posture across their environment.

The first vulnerability, tracked as CVE-2026-20079 (CVSS score of 10.0), is an authentication bypass issue.

The flaw resides in Cisco Secure FMC’s web interface and lets unauthenticated remote attackers bypass authentication and send crafted HTTP requests to execute scripts, potentially gaining root access to the underlying operating system.

“A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system,” reads the advisory. “This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.”

The second vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), is a remote code execution issue.

The flaw resides in Cisco Secure FMC’s web interface and allows unauthenticated remote attackers to exploit insecure Java deserialization and execute arbitrary code as root by sending a crafted serialized object.

“A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device,” reads the advisory. “This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root.”
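For defenders, a detection sketch added here (it is not from Cisco's advisory or the original article): a serialized Java stream always opens with the header bytes `AC ED 00 05`, which appear as `rO0AB` in base64, so request bodies captured at a proxy or WAF in front of a management interface can be scanned for that marker. The function names and sample bodies are constructed for illustration, and nothing here reflects the specific endpoint or payload of CVE-2026-20131, which the advisory text does not describe.

```python
import base64
import re
import struct
from urllib.parse import unquote_to_bytes

STREAM_HEADER = b"\xac\xed\x00\x05"  # STREAM_MAGIC (0xACED) + STREAM_VERSION (5)
B64_HEADER = re.compile(rb"rO0AB[A-Za-z0-9+/_-]*")  # base64 of that header
URLSAFE = bytes.maketrans(b"-_", b"+/")

def top_level_class(stream: bytes):
    """Class name when the stream opens with TC_OBJECT (0x73) + TC_CLASSDESC (0x72)."""
    if stream[4:6] == b"\x73\x72" and len(stream) >= 8:
        (length,) = struct.unpack(">H", stream[6:8])
        name = stream[8:8 + length]
        if len(name) == length:
            return name.decode("utf-8", "replace")
    return None  # truncated stream or a different leading type code

def find_java_streams(body: bytes):
    """Return [(encoding, class_name)] for each serialized-Java header in body."""
    body = unquote_to_bytes(body)  # undo %xx so URL-encoded values match too
    hits = [("raw", top_level_class(body[m.start():]))
            for m in re.finditer(re.escape(STREAM_HEADER), body)]
    for m in B64_HEADER.finditer(body):
        token = m.group(0).translate(URLSAFE)
        try:
            stream = base64.b64decode(token + b"=" * (-len(token) % 4))
        except ValueError:  # not decodable base64, ignore
            continue
        if stream.startswith(STREAM_HEADER):
            hits.append(("base64", top_level_class(stream)))
    return hits

# Constructed sample: header of a serialized java.util.HashMap, zeroed UID.
_NAME = b"java.util.HashMap"
SAMPLE_RAW = (STREAM_HEADER + b"\x73\x72" + struct.pack(">H", len(_NAME))
              + _NAME + bytes(8))
SAMPLE_FORM = b"state=" + base64.b64encode(SAMPLE_RAW)  # constructed form body
SAMPLE_BENIGN = b'{"username": "admin", "action": "list"}'

if __name__ == "__main__":
    for body in (SAMPLE_RAW, SAMPLE_FORM, SAMPLE_BENIGN):
        print(find_java_streams(body))
```

A hit only shows that a request carried a serialized Java object; whether that is expected for a given application has to be judged against its normal traffic.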

CVE-2026-20131 also impacts Cisco Security Cloud Control (SCC) Firewall Management.

Cisco's PSIRT said it is not aware of any public disclosure or active exploitation of either vulnerability.

The networking giant said that there are no workarounds that address these flaws.

Pierluigi Paganini

(SecurityAffairs – hacking, Secure FMC)




Article source: https://securityaffairs.com/188921/security/cisco-fixes-maximum-severity-secure-fmc-bugs-threatening-firewall-security.html