Home / Vulnerability Intelligence / CVE-2026-20079

CVE-2026-20079 - Vulnerability Analysis

CriticalCVSS: 10.0

Last Updated: March 5, 2026

Cisco Secure Firewall Management Center - Authentication Bypass

Published: March 4, 2026Updated: March 5, 2026PoC AvailableRemote Exploitable

Overview

Cisco Secure Firewall Management Center Software contains an authentication bypass caused by improper system process creation at boot, letting unauthenticated remote attackers execute scripts and gain root access, exploit requires crafted HTTP requests.

Severity & Score

Severity: Critical

CVSS Score: 10.0

EPSS Score: 4.7%(Probability of exploitation in next 30 days)

Impact

Unauthenticated remote attackers can gain root access by executing scripts, leading to full system compromise.

Mitigation

Update to the latest available version.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2

Social Media Activity(1 post)

Caitlin Condon

@catc0n

Mar 26, 2026

After 2+ weeks of semi-painful exploit development, @yeslikethefood and team have a full RCA out for Cisco Secure Firewall Management Center (FMC) CVE-2026-20079. The bug is a CVSS 10, but there are significant prerequisites that may limit exploitability in real-world scenarios. There are between 300 and 700 FMC systems on the public internet as of today. https://www.vulncheck.com/blog/cisco-fmc-auth-bypass-cve-2026-20079

View original post

GitHub Repositories(2 repos)

Related Resources

Details

CVE ID: CVE-2026-20079
Severity: Critical
CVSS Score: 10.0
Type: broken_authentication
Status: unconfirmed
EPSS: 4.7%
Social Posts: 1

CWE

CWE-288

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS Score

4.7%Probability of exploitation in the next 30 days