{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T19:05:46.670","vulnerabilities":[{"cve":{"id":"CVE-2025-20220","sourceIdentifier":"psirt@cisco.com","published":"2025-08-14T17:15:36.117","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root.\r\n\r This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.\r\n\r For more information about vulnerable scenarios, see the Details [\"#details\"] section of this advisory."},{"lang":"es","value":"Una vulnerabilidad en la CLI del software Cisco Secure Firewall Management Center (FMC) y del software Cisco Secure Firewall Threat Defense (FTD) podría permitir que un atacante local autenticado ejecute comandos arbitrarios en el sistema operativo subyacente como root. Esta vulnerabilidad se debe a una validación de entrada incorrecta para comandos CLI específicos. Un atacante podría explotar esta vulnerabilidad inyectando comandos del sistema operativo en un comando legítimo. Una explotación exitosa podría permitir al atacante eludir el símbolo del sistema restringido y ejecutar comandos arbitrarios en el sistema operativo subyacente. Para explotar esta vulnerabilidad, un atacante necesitaría credenciales de administrador válidas. Para obtener más información sobre los escenarios vulnerables, consulte la sección [\"#details\"] de este aviso."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":5.2}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-ftd-cmdinj-PhE7kmT","source":"psirt@cisco.com"}]}}]}