{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T08:55:07.418","vulnerabilities":[{"cve":{"id":"CVE-2025-20265","sourceIdentifier":"psirt@cisco.com","published":"2025-08-14T17:15:39.723","lastModified":"2025-08-16T01:15:27.227","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.\r\n\r\nThis vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level.\r\nNote: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both."},{"lang":"es","value":"Una vulnerabilidad en la implementación del subsistema RADIUS del software Cisco Secure Firewall Management Center (FMC) podría permitir que un atacante remoto no autenticado inyecte comandos de shell arbitrarios que son ejecutados por el dispositivo. Esta vulnerabilidad se debe a una gestión inadecuada de la entrada del usuario durante la fase de autenticación. Un atacante podría explotar esta vulnerabilidad enviando una entrada manipulada al introducir credenciales que se autenticarán en el servidor RADIUS configurado. Una explotación exitosa podría permitir al atacante ejecutar comandos con un alto nivel de privilegios. \nNota: Para explotar esta vulnerabilidad, el software Cisco Secure FMC debe estar configurado para la autenticación RADIUS para la interfaz de administración web, la administración SSH o ambas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_firewall_management_center:7.0.7:*:*:*:*:*:*:*","matchCriteriaId":"44D21149-BF7B-4188-A336-49AA5683BDC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_firewall_management_center:7.7.0:*:*:*:*:*:*:*","matchCriteriaId":"5BBDBCE8-CD5E-48BD-B61B-A36376C5A585"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-radius-rce-TNBKf79","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-flaw-in-firewall-management-center/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.theregister.com/2025/08/15/cisco_secure_firewall_management_bug/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}