CVE-2026-20131

CRITICAL KEV RANSOMWARE LAB

Cisco FMC - Deserialization

Title source: llm

Description

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

Exploits (5)

github TROJAN 10 stars
by XiaomingX · pythonpoc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-20131
nomisec WORKING POC
by Hassan-Pouladi · poc
https://github.com/Hassan-Pouladi/Cisco-FMC-honeypot
nomisec WORKING POC
by sak110 · poc
https://github.com/sak110/CVE-2026-20131
nomisec TROJAN
by p3Nt3st3r-sTAr · poc
https://github.com/p3Nt3st3r-sTAr/CVE-2026-20131-POC
nomisec SCANNER
by Sushilsin · poc
https://github.com/Sushilsin/CVE-2026-20131

Scores

CVSS v3 10.0
EPSS 0.0107
EPSS Percentile 77.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CISA KEV 2026-03-19
VulnCheck KEV 2026-03-18
ENISA EUVD EUVD-2026-9444
Ransomware Use Confirmed
CWE
CWE-502
Status published
Products (50)
Cisco/Cisco Secure Firewall Management Center (FMC) 10.0.0
Cisco/Cisco Secure Firewall Management Center (FMC) 6.4.0.13
Cisco/Cisco Secure Firewall Management Center (FMC) 6.4.0.14
Cisco/Cisco Secure Firewall Management Center (FMC) 6.4.0.15
Cisco/Cisco Secure Firewall Management Center (FMC) 6.4.0.16
Cisco/Cisco Secure Firewall Management Center (FMC) 6.4.0.17
Cisco/Cisco Secure Firewall Management Center (FMC) 6.4.0.18
Cisco/Cisco Secure Firewall Management Center (FMC) 7.0.0
Cisco/Cisco Secure Firewall Management Center (FMC) 7.0.0.1
Cisco/Cisco Secure Firewall Management Center (FMC) 7.0.1
... and 40 more
Published Mar 04, 2026
KEV Added Mar 19, 2026
Tracked Since Mar 05, 2026