CVE-2026-20002 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: March 5, 2026
Cisco Secure FMC Software - SQL Injection
Overview
Cisco Secure FMC Software contains a SQL injection caused by inadequate validation of user-supplied input in the web-based management interface, letting authenticated remote attackers access the database and read certain OS files.
Severity & Score
Impact
Authenticated attackers can access the database fully and read certain files on the underlying operating system.
Mitigation
Update to the latest version of Cisco Secure FMC Software.
Social Media Activity(2 posts)
š CVE-2026-20002 - High (8.1) A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-... š https://www.thehackerwire.com/vulnerability/CVE-2026-20002/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postš CVE-2026-20002 - High (8.1) A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-... š https://www.thehackerwire.com/vulnerability/CVE-2026-20002/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-20002
- Severity
- High
- CVSS Score
- 8.1
- Type
- sql_injection
- Status
- unconfirmed
- EPSS
- 3.3%
- Social Posts
- 2
CWE
- CWE-89
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N