Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems.
The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.
The networking equipment major said the issue stems from a lack of proper handling of user input during the authentication phase, as a result of which an attacker could send specially crafted input when entering credentials that get authenticated at the configured RADIUS server.
"A successful exploit could allow the attacker to execute commands at a high privilege level," the company said in a Thursday advisory. "For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both."
The shortcoming impacts Cisco Secure FMC Software releases 7.0.7 and 7.7.0 if they have RADIUS authentication enabled. There are no workarounds other than applying the patches provided by the company. Brandon Sakai of Cisco has been credited with discovering the issue during internal security testing.
Besides CVE-2025-20265, Cisco has also resolved a number of high-severity bugs –
- CVE-2025-20217 (CVSS score: 8.6) – Cisco Secure Firewall Threat Defense Software Snort 3 Denial-of-Service Vulnerability
- CVE-2025-20222 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series IPv6 over IPsec Denial-of-Service Vulnerability
- CVE-2025-20224, CVE-2025-20225, CVE-2025-20239 (CVSS scores: 8.6) – Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial-of-Service Vulnerabilities
- CVE-2025-20133, CVE-2025-20243 (CVSS scores: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial-of-Service Vulnerabilities
- CVE-2025-20134 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL/TLS Certificate Denial-of-Service Vulnerability
- CVE-2025-20136 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial-of-Service Vulnerability
- CVE-2025-20263 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Web Services Denial-of-Service Vulnerability
- CVE-2025-20148 (CVSS score: 8.5) – Cisco Secure Firewall Management Center Software HTML Injection Vulnerability
- CVE-2025-20251 (CVSS score: 8.5) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial-of-Service Vulnerability
- CVE-2025-20127 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial-of-Service Vulnerability
- CVE-2025-20244 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial-of-Service Vulnerability
While none of the flaws have come under active exploitation in the wild, with network appliances repeatedly getting caught in the attackers' crosshairs, it's essential that users move quickly to update their instances to the latest version.
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
Original Article Published at The Hackers News
________________________________________________________________________________________________________________________________