Cisco fixes critical flaw in firewall management platform

Cisco released over 20 security advisories for its firewall products, including a critical vulnerability (CVE-2025-20265) in Secure FMC that allows remote code execution via crafted Radius authentication input. The flaw stems from improper input handling and affects high-privilege command execution. Cisco also patched several high-severity issues that could enable remote or authenticated denial-of-service attacks, HTML injection, file access, and SSRF. While no active exploitation has been detected, customers are urged to apply patches and use Cisco’s checker tool to identify affected systems.

Read more:

https://www.securityweek.com/cisco-patches-critical-vulnerability-in-firewall-management-platform/