Cisco has issued security updates to address a critical vulnerability in its Secure Firewall Management Center (FMC) Software, designated as CVE-2025-20265, which carries a maximum CVSS score of 10.0. This flaw resides in the RADIUS subsystem and could enable an unauthorized remote attacker to execute arbitrary code on affected systems by injecting shell commands during the authentication process.
The company indicated that the vulnerability arises from inadequate handling of user input during authentication, allowing attackers to exploit the system by sending crafted credentials to the RADIUS server. They emphasized that successful exploitation would permit attackers to execute commands with high privilege levels.
For this vulnerability to be applicable, Cisco Secure FMC Software must be configured to use RADIUS authentication for either the web-based management interface or SSH management. The affected versions include 7.0.7 and 7.7.0 of the software, and no workarounds are available; users are advised to apply the patches.
In addition to this significant vulnerability, Cisco has resolved several other high-severity vulnerabilities in its software, each with CVSS scores ranging from 7.7 to 8.6, covering various facets of the Cisco Secure Firewall products. While none of these issues have reportedly been exploited in the wild as of now, users are strongly encouraged to update their systems promptly to maintain security.
Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.