{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T17:22:21.334","vulnerabilities":[{"cve":{"id":"CVE-2026-20044","sourceIdentifier":"psirt@cisco.com","published":"2026-03-04T18:16:17.580","lastModified":"2026-03-05T19:39:11.967","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, local attacker to perform arbitrary commands as root.\r\n\r\nThis vulnerability is due to insufficient restrictions on remediation modules while in lockdown mode. An attacker could exploit this vulnerability by sending crafted input to the system CLI of the affected device. A successful exploit could allow the attacker to run arbitrary commands or code as root, even when the system is in lockdown mode. To exploit this vulnerability, the attacker must have valid administrative credentials."},{"lang":"es","value":"Una vulnerabilidad en el mecanismo de bloqueo de Cisco Secure Firewall Management Center (FMC) Software podría permitir a un atacante local autenticado ejecutar comandos arbitrarios como root.\n\nEsta vulnerabilidad se debe a restricciones insuficientes en los módulos de remediación mientras está en modo de bloqueo. Un atacante podría explotar esta vulnerabilidad enviando una entrada manipulada a la CLI del sistema del dispositivo afectado. Un exploit exitoso podría permitir al atacante ejecutar comandos o código arbitrarios como root, incluso cuando el sistema está en modo de bloqueo. Para explotar esta vulnerabilidad, el atacante debe tener credenciales administrativas válidas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":5.2}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inject-S9ZM4EJf","source":"psirt@cisco.com"}]}}]}