Cisco released a patch addressing a critical vulnerability in its Secure Firewall Management Center (FMC) software, tracked as CVE-2025-20265, rated 10.0 on the CVSS scale. The vulnerability arises from improper input handling in the RADIUS authentication subsystem during login, specifically impacting configurations using RADIUS for web and SSH management. Successful exploits could allow attackers to execute high-privilege commands. Cisco's internal testing discovered the flaw, though there are no reports of it being exploited in the wild at this time, raising concerns about potential future attacks, particularly from state-backed actors.
An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level.
Cisco has issued a patch for a maximum-severity bug in its Secure Firewall Management Center (FMC) software that could allow an unauthenticated, remote attacker to inject arbitrary shell commands on vulnerable systems.
CVE-2025-20265 received a critical 10.0 CVSS rating. It's caused by improper handling of user input by FMC's RADIUS authentication subsystem during the login process.
As of now, Cisco isn't aware of any in-the-wild exploitation of this CVE. But it's probably just a matter of time, considering how government-backed attackers - notably those from China - like to target Cisco networking devices.
Collection
[
|
...
]