Redazione RHC : 15 August 2025 09:32
A critical security flaw has been disclosed by Cisco in its Secure Firewall Management Center (FMC) software, potentially allowing unauthenticated attackers to remotely execute shell commands of their choice with high levels of authorization. The vulnerability, identified as CVE-2025-20265 and assigned the maximum CVSS score of 10.0, represents one of the most serious security flaws discovered in Cisco’s firewall infrastructure this year.
Attackers can exploit this vulnerability by sending specially crafted credentials during the RADIUS authentication process, allowing them to inject malicious shell commands that are subsequently executed by the target device. What makes this vulnerability particularly dangerous is the fact that it requires no authentication and can be exploited remotely over the network.
| Product | Affected Versions | Prerequisites | Status |
|---|---|---|---|
| Cisco Secure Firewall Management Center (FMC) Software | 7.0.7 | RADIUS Authentication Enabled | Vulnerable |
| Cisco Secure Firewall Management Center (FMC) Software | 7.7.0 | RADIUS Authentication Enabled | Vulnerable |
| Cisco Secure Firewall ASA Software | All Releases | N/A | Not Affected |
| Cisco Secure Firewall Threat Defense (FTD) Software | All Releases | N/A | Not Affected |
The security vulnerability resides in the implementation of the RADIUS subsystem of Cisco’s Secure Firewall Software and specifically affects the authentication phase, where user input is improperly handled.
The vulnerability specifically affects Cisco Secure FMC Software versions 7.0.7 and 7.7.0, but only when RADIUS authentication is enabled for the web-based management interface, for SSH management, or for both. Organizations that do not use RADIUS authentication are not vulnerable to this specific attack vector.
The vulnerability results from insufficient input validation during the credential verification process, creating an opportunity for command injection attacks when the system processes authentication requests sent to the configured RADIUS server.
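As an added example of the defensive side of this (not Cisco's code and not based on the FMC implementation), the following parser reads RADIUS Access-Request packets (RFC 2865) and flags User-Name values that carry shell metacharacters, which is the kind of crafted credential the advisory describes. It assumes the crafted input is visible in the cleartext User-Name attribute; the User-Password attribute is obfuscated with the shared secret, so it is not inspected, and the sample packets are constructed rather than captured.

```python
import struct

# RFC 2865 codes and attribute types used here.
ACCESS_REQUEST = 1
USER_NAME = 1
USER_PASSWORD = 2
# Characters that have no place in a username but are meaningful to a shell.
SHELL_METACHARS = set(";|&`$(){}<>\n\\'\"")

def parse_radius(packet: bytes):
    """Parse a RADIUS packet (RFC 2865) into (code, identifier, [(type, value), ...])."""
    if len(packet) < 20:
        raise ValueError("packet shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError("length field does not match packet size")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        attrs.append((atype, packet[pos + 2:pos + alen]))
        pos += alen
    return code, ident, attrs

def suspicious_usernames(packet: bytes):
    """Return (User-Name, offending chars) pairs from an Access-Request.
    User-Password is obfuscated with the shared secret (RFC 2865 section 5.2),
    so only the cleartext User-Name attribute is inspected here (assumption)."""
    code, _, attrs = parse_radius(packet)
    if code != ACCESS_REQUEST:
        return []
    hits = []
    for atype, value in attrs:
        if atype == USER_NAME:
            name = value.decode("utf-8", errors="replace")
            bad = sorted(set(name) & SHELL_METACHARS)
            if bad:
                hits.append((name, bad))
    return hits

def build_access_request(ident: int, username: bytes, password_blob: bytes) -> bytes:
    """Assemble a constructed Access-Request for testing (authenticator zeroed,
    password blob passed through as-is; real packets carry an obfuscated value)."""
    attrs = bytes([USER_NAME, 2 + len(username)]) + username
    attrs += bytes([USER_PASSWORD, 2 + len(password_blob)]) + password_blob
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + bytes(16) + attrs
```

Feeding captured Access-Requests from the FMC-to-RADIUS path through `suspicious_usernames` gives a simple indicator to alert on while patches are rolled out.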
Cisco has released updates and patches that address the vulnerability and strongly recommends applying them immediately to all affected systems.