Key takeaways of zdnet
- Cisco’s safe firewall management center security hole is as bad as they receive.
- There is no mitigation and no work -chart. Patch immediately.
- So far, no active active exploits have been confirmed.
Get ZDNET Tech coverage more deeply: Add us as a favorite google source Chrome and chromium on the browser.
do you use Sisko’s Safe Firewall Management Center (FMC) software? If your company is using a serious network Cisco Product-and Cisco’s 76%+ high-end networking market share, chances that you do-you have to patch it. Not in the weekend. Not Monday. Now.
Also: Microsoft Patch over 100 Windows Security Dosha – Now update your PC
Cisco has just made one patch Critical Command Injection Vulnerance (CVE-2025-20265) In FMC. How important is it? Let us keep it in this way: It has a general vulnerability scoring system (CVSS) score of 10.0, which is the highest possible risk rating in vulnerable scoring. In particular, the defect affects FMC versions 7.0.7 and 7.7.0 which are configured. Radius authentication On web-based or SSH management interface.
Radius is the real standard for network authentication. This is the most common implementation used to enable 802.1x Access Control Management. In other words, if you use FMC, it is almost a certainty that you are using radius, meaning that you are insecure.
The problem is that because the software has not cleaned the user input in the radius authentication phase, The attackers can send credentials prepared who will be executed as a high-future shell commandIf correctly abused, it can provide complete control to anyone at the Firewall Management Center.
Also: These notorious people have returned after leaking the search site 3 billion records – how to remove your data from it
Connecrators can take advantage of the defect without any pre -system access or legitimate credentials, adding humiliation of injury. I repeat: Without any pre -system access or legitimate credentials,
This is a security nightmare. Once a hacker has complete control over the firewall management, they can do a lot that they want both the firewall and the rest of your network.
The good news is that a good news is that Cisco secure firewall adaptive safety equipment (ASA) Software And Cisco safe firewall threat defense (ftd) software Are not affected.
Oh, and by the way, Cisco says, “There are no workarounds that address this vulnerability.” You have to patch the program. Now.
Cisco reports that the active acts in the wild have not been confirmed so far. give it time. The information in the security report is more than enough for a clever hacker to find out how to exploit this safety hole.
So, with once more feeling, patches it. Now patch it.
Also: AI – Do not do online for the disintegration attacks – here it is mentioned how fast
Cisco customers with service contracts who are entitled to them regular software updates should get security improvements through their general update channels. However, given how deep this hole is, Cisco is also offering patch for free. Either in case, take the following steps:
-
Go to the officer Cisco Security Advisor for CVE-2025-20265.
-
Log in with your Cisco account attached to your organization support contract.
-
Use the Cisco Software Checker Tool or check the download section of the advisor to identify specific fixed releases for your tool/version.
-
Download and install the FMC software update for your deployment – the versions have been provided for 7.0.7 and 7.7.0.
You know what to do now. get on with it.
