Cisco released its first semiannual firewall updates for 2026, addresses 25 security advisories covering 48 individual CVEs.

Cisco’s advisory released in march tracked and detailed as critical-severity flaws.

CVE-2026-20079 with CVSS score of 10/10 (an authentication bypass weakness)

CVE-2026-20131 with high CVSS score ( insecure deserialization)

CISCO advisory Contained 25 security advisories describing major security defects affecting its enterprise networking products.

CVE-2026-20079 is described as an authentication bypass in the web interface of Cisco Secure FMC software. Successful exploitation of the bug allows attackers to execute arbitrary scripts on vulnerable deployments and gain root access to the underlying OS.

CVE-2026-20131 is described as a vulnerability that can be exploited by an attacker by sending a crafted serialized Java object to the web-based management interface. Any successful attack could allow the attacker to execute arbitrary code on the device and elevate privileges to root.

Of the remaining flaws, a further six are rated ‘high’, with CVSS scores of between 7.2 and 8.6. These include the Firewall Management Center SQL injection vulnerabilities CVE-2026-20001, CVE-2026-20002 and CVE-2026-20003, all remotely exploitable by an authenticated attacker. Again, no workarounds are possible.

The remaining three dozen flaws addressed in Cisco’s enterprise networking appliances are medium-severity issues.

There are no workarounds to mitigate either vulnerability. Cisco urged customers to upgrade to the fixed software indicated in the advisory.

Remediation:

Cisco suggested since all are remotely exploitable by an authenticated attacker, using Cisco’s software checker to determine the appropriate update. Alternatively, admins can consult the tables in the Cisco Secure Firewall Threat Defense Compatibility Guide.

Sources: Cisco issues emergency patches for critical firewall vulnerabilities | CSO Online