VDB

GCVE-VVD-NCSC-2026-76

GCVE-VVD-NCSC-2026-76
Advisory PublishedCVSS 10.0/10
Vulnetix · Advisory published March 4, 2026
A vulnerability in Cisco Secure Firewall Management Center's web interface allows unauthenticated remote attackers to bypass authentication and execute scripts to gain root access due to an improper system process created at boot.
Download JSON Open in Console

Weaknesses (CWE)

CWE-288Authentication Bypass Using an Alternate Path or ChannelCWE-502Deserialization of Untrusted Data

Risk Scores

CVSS 3.1
10.0/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
Ciscovers:unknown/*

Aliases

CVE-2026-20131CVE-2026-20079

Transitive aliases

CVE-2026-20062VVD-CESS-2026-20049CVE-2024-20269BDU:2024-10830CNVD-2024-43206GHSA-r8xj-9pfh-x4pwGHSA-69cj-c8c5-j9xjTNCVE-2026-20009EUVD-2026-9481CVE-2024-20494CVE-2024-20382CVE-2024-20340CISCO-SA-ASAFTD-CMD-INJ-ZJV8WYSMBDU:2024-08856cisco-sa-fmc-sql-inj-LOYAFcfqCVE-2026-20101GHSA-ch3j-whf9-3xp2GHSA-4fg2-48mj-xwjmVVD-CESS-2026-20007CISCO-SA-FTD-CMD-INJ-MTZGZEXFGHSA-p6rg-m225-p79ccisco-sa-asa-ssh-dos-eEDWu5RMCVE-2024-20298CISCO-SA-FMC-SQL-INJ-LOYAFCFQGHSA-cqv2-qp3h-xq97GSD-2024-20407CVE-2024-20273CVE-2024-20412CVE-2024-20426BDU:2024-08837VVD-CESS-2026-20101BDU:2024-03265VVD-CESS-2026-20020BDU:2024-03264GSD-2024-20374GHSA-f928-7mj9-m8wxVVD-CESS-2026-20103GHSA-9hgq-rrv7-j79jcisco-sa-fmc-sql-injection-2qH6CcJdCVE-2026-20025EUVD-2026-9454EUVD-2026-9476CVE-2024-20386CVE-2024-20374CVE-2026-20105BDU:2024-08598WID-SEC-W-2024-3261EUVD-2026-9453CNVD-2024-43204EUVD-2026-9443EUVD-2026-9424cisco-sa-asaftd-webvpn-xss-uwjc4HRBDU:2024-10827cisco-sa-onprem-fmc-authbypass-5JPp45V2CVE-2026-20017CISCO-SA-ASA-SSH-KEYBYPASS-CR5XPUSFBDU:2024-08890GHSA-vq87-vqwh-6mj9VVD-CESS-2026-20106cisco-sa-ftd-snort3ssl-FBEKYXpHGSD-2024-20482CVE-2024-20471GHSA-rmpg-3w9x-w6prBDU:2024-08896cisco-sa-ftdfmc-dir-trav-wERgjhWqEUVD-2026-9429GHSA-m83r-8rcp-wv5vcisco-sa-asaftd-ikev2-dos-9FgEyHsFcisco-sa-asaftd-xss-yjj7ZjVqcisco-sa-asaftd-vpn-m9sx6MbCCISCO-SA-ASAFTD-WEBSRVS-DOS-X8GNUCD2CVE-2024-20330CVE-2024-20370CISCO-SA-ASA-SSH-DOS-EEDWU5RMcisco-sa-fmc-cmd-inject-S9ZM4EJfBDU:2024-10832GHSA-4jwf-2c3g-hqmjCVE-2026-20001CISCO-SA-ASAFTD-DESYNC-N5AVZEQWcisco-sa-asaftd-persist-rce-FLsNXF4hGHSA-9688-r3h2-vvjqcisco-sa-asa-tls-CWY6zXBGSD-2024-20331EUVD-2026-9440VVD-CESS-2026-20013GSD-2024-20275GHSA-cp3f-3wc5-j85wGHSA-v3gf-g9fc-578xGSD-2024-20341CVE-2026-20015CVE-2024-20339GHSA-2jcv-f397-c9m8VVD-CESS-2026-20015cisco-sa-fmc-sql-inject-2EnmTC8vCISCO-SA-FMC-CMD-INJ-2HBKA97GCNVD-2024-44495CVE-2026-20016cisco-sa-ftd-tcp-dos-rHfqnwRgCVE-2026-20106EUVD-2026-9425CISCO-SA-FTDFMC-DIR-TRAV-WERGJHWQGHSA-gr7r-qqx6-v859cisco-sa-asa-ssh-keybypass-cr5xPUSfGHSA-8pv3-xhwv-wgg4BDU:2024-10829CVE-2024-20485CNVD-2024-43201cisco-sa-ftd-tls-dos-QXYE5UfyGHSA-5xm6-h565-q6mccisco-sa-asaftd-nsgacl-bypass-77XnEAsLVVD-CESS-2026-20079BDU:2024-08867BDU:2024-03233CVE-2024-20372BDU:2024-10835CISCO-SA-ASAFTD-BF-DOS-VDZHLQRWcisco-sa-asa-ftd-priv-esc-hBS9gnwqNCSC-2026-0077GHSA-r5hp-h863-8vpxGHSA-qfh3-92rr-375xCVE-2024-20387CISCO-SA-FMC-PRIV-ESC-CMQ4S6M7cisco-sa-asa-vpn-nyH3fhpCVE-2026-20014BDU:2024-08844cisco-sa-fmc-priv-esc-CMQ4S6m7CVE-2026-20024VVD-CESS-2026-20105CVE-2026-20007EUVD-2026-9477EUVD-2026-9458GHSA-rqwm-368v-fp53CVE-2024-20402GSD-2024-20274CISCO-SA-FMC-SQL-INJECT-2ENMTC8VGHSA-3j6m-cq99-v646cisco-sa-ftd-statcred-dFC8tXT5GHSA-4qrp-r28g-j2vfcisco-sa-asaftd-esp-dos-uv7yD8P5GHSA-4j6q-qq58-w4v4BDU:2024-08814VVD-CESS-2026-20100GHSA-mv8w-c2qv-cgrgGHSA-rjp2-r49q-cqxhGHSA-mj8r-4vp9-fx97GHSA-99cr-qjpc-34g3CISCO-SA-FMC-XSS-DHJXQYZSGHSA-w6gx-j65f-mmx4CVE-2026-20103TNCVE-2026-20015CVE-2024-20481CNVD-2024-44491CVE-2024-20331GSD-2024-20384BDU:2024-11141EUVD-2026-9468VVD-CESS-2026-20070cisco-sa-fmc-html-inj-nfJeYHxzVVD-CESS-2026-20050BDU:2024-08834BDU:2024-08854EUVD-2026-9431GHSA-8j6j-jm5x-gjfxBDU:2024-08557VVD-NCSC-2024-424GSD-2024-20297CISCO-SA-ASAFTD-ACL-BYPASS-VVNLNKQFGSD-2024-20342cisco-sa-asa-scpcxt-filecpy-rgeP73nECVE-2026-20070CVE-2024-20364GHSA-fqcq-8xcg-f9hhGHSA-jgqf-4rxm-w86hGSD-2024-20370CISCO-SA-ASAFTD-XSS-YJJ7ZJVQCVE-2026-20063cisco-sa-asaftd-vpn-dos-SpOFF2ReBDU:2024-08576GHSA-r229-mj76-g2qxCVE-2026-20102EUVD-2026-9444EUVD-2026-9434EUVD-2026-9469BDU:2024-08567BDU:2024-10826GSD-2024-20340CVE-2024-20388CVE-2024-20407GHSA-mh5f-h37q-2qm8cisco-sa-ftd2100-snort-dos-M9HuMt75CVE-2026-20008GHSA-m8w7-x24f-68q9CVE-2026-20003TNCVE-2026-20008WID-SEC-W-2024-3265GSD-2024-20299CVE-2026-20039GSD-2024-20372BDU:2024-08827CISCO-SA-FMC-HTML-INJ-NFJEYHXZBDU:2024-08891CVE-2024-20297cisco-sa-asa-dos-FCvLD6vRGSD-2024-20415cisco-sa-asaftdvirtual-dos-MuenGnYRGHSA-5q5x-hwcj-q6c2EUVD-2026-9442ESB-2026.3678EUVD-2026-9472GHSA-x599-6m8q-75qpBDU:2024-10813cisco-sa-asaftd-snmp-dos-7TcnzxTUcisco-sa-asaftd-aclbypass-dos-CVxVRSvQGSD-2024-20269GSD-2024-20403BDU:2024-08838OPENSUSE-SU-2026:10325-1GSD-2024-20410GHSA-4q8m-h8wc-99q6EUVD-2026-9436GSD-2024-20379BDU:2024-08855TNCVE-2026-20013CISCO-SA-ASAFTD-VPN-M9SX6MBCCISCO-SA-FTD-TCP-DOS-RHFQNWRGVVD-CESS-2026-20023CVE-2024-20260cisco-sa-snort-bypass-PTry37fXCVE-2024-20300GHSA-f3vw-6vxw-fwf4CVE-2024-20495CNVD-2024-43207WID-SEC-W-2024-3269CNVD-2024-44492BDU:2024-10812CVE-2026-20009CVE-2026-20022GHSA-f74q-99mf-mmj8CVE-2024-20379CVE-2024-20472GHSA-x2pv-vmm7-rhwrCVE-2026-20064cisco-sa-asaftd-ospf-ZH8PhbSWCISCO-SA-ASAFTD-LUAINJECT-VESCQGMSCNVD-2024-43202GHSA-jwpj-m256-82wgcisco-sa-fmc-rce-NKhnULJhVVD-CESS-2026-20003GHSA-h526-7r62-gcj9WID-SEC-W-2024-3262GHSA-w38w-gj7f-5836cisco-sa-fmc-cmd-inj-2HBkA97GGHSA-253g-rphr-6h5jGSD-2024-20493WID-SEC-W-2024-0965VVD-CESS-2026-20031GSD-2024-20472CVE-2024-20431CISCO-SA-SNORT-RF-BYPASS-OY8F3PNMCVE-2026-20082GHSA-chrm-52hv-4ff4VVD-CESS-2026-20069VVD-CESS-2026-20017CISCO-SA-ASA-FTD-PRIV-ESC-HBS9GNWQCVE-2026-20018BDU:2024-10828cisco-sa-asaftd-bf-dos-vDZhLqrWGSD-2024-20358GHSA-jr5q-32rg-gcqqGHSA-6jcc-w84h-p298VVD-NCSC-2026-77EUVD-2026-9483CVE-2024-20351GHSA-f7qm-mcg6-fhvgBDU:2024-08632BDU:2024-08841CERTFR-2024-ALE-007EUVD-2026-9478CVE-2024-20353VVD-CESS-2026-20102CVE-2024-20342GHSA-hm6q-48c6-p943GSD-2024-20353cisco-sa-asaftd-luainject-VescqgmSGHSA-hvrr-v8q8-3r9qBDU:2024-08889cisco-sa-asaftd-webvpn-dos-hOnB9pH4EUVD-2026-9428BDU:2024-11140GHSA-x299-q796-x4w4GHSA-fqfv-4r6p-w7m3GHSA-42hx-qv2c-ff49CVE-2024-20275BDU:2024-10831CVE-2026-20031BDU:2024-10833GHSA-hf42-4qwp-gc9rCVE-2026-20069CNVD-2024-44487GHSA-4wgv-wwff-cw37EUVD-2026-9432VVD-CESS-2026-20021GHSA-8vhw-wjxq-h782GSD-2024-20481BDU:2024-08631cisco-sa-fmc-file-read-5q4mQRnGHSA-vv26-9jw2-p445EUVD-2026-9470EUVD-2026-9433cisco-sa-fmc-cmd-inj-g8AOKnDPCVE-2024-20526CVE-2024-20264BDU:2024-08566GHSA-9pj9-8qr7-5x38CISCO-SA-FTD-GEOIP-BYPASS-MB4ZRDUcisco-sa-ftd-geoip-bypass-MB4zRDuTNCVE-2026-20050BDU:2024-10837BDU:2024-08881CVE-2024-20408GHSA-pvq2-4ff4-p9w6VVD-CESS-2026-20008VVD-CESS-2026-20052cisco-sa-asaftd-acl-bypass-VvnLNKqfEUVD-2026-9435GSD-2024-20471cisco-sa-asa-ssh-rce-gRAuPEUFVVD-CESS-2026-20062CISCO-SA-FTD-SNORT-BYPASS-RLGGKZVFGHSA-hr33-3275-hjcvGHSA-m4qh-qp46-jwg7GHSA-jrcg-6c8x-ff3hcisco-sa-snort-rf-bypass-OY8f3pnMVVD-CESS-2026-20064GHSA-xwx2-g284-r7j9BDU:2024-11132EUVD-2026-9482CVE-2024-20424GHSA-6grm-m6x5-4cvxCISCO-SA-FMC-FILE-READ-5Q4MQRNBDU:2024-08817GSD-2024-20260CISCO-SA-ASA-VPN-4GYEWMKGcisco-sa-asaftd-ikev2-dos-eBueGdEGWID-SEC-W-2024-3267GSD-2024-20300GSD-2024-20364CNVD-2024-44489CVE-2024-20358cisco-sa-asaftd-cmd-inj-ZJV8WysmVVD-CESS-2026-20024CNVD-2024-44490GSD-2024-20473GHSA-33pq-q8j2-pf3gVVD-CESS-2026-20018VVD-CESS-2026-20022TNCVE-2026-20102GHSA-27g3-cp2g-22pwCVE-2026-20049BDU:2024-10834BDU:2024-10814BDU:2024-10825TNCVE-2026-20105CVE-2024-20409GHSA-4378-qv4j-pgj4cisco-sa-sa-ftd-snort-fw-BCJTZPMuTNCVE-2026-20039EUVD-2026-9430GHSA-hwhr-j2m2-9887GHSA-pj9f-9jr9-4wm7CVE-2024-20329EUVD-2024-18196CISCO-SA-SNORT-BYPASS-PTRY37FXVVD-CESS-2026-20006CVE-2026-20013CVE-2026-20050CVE-2024-20359cisco-sa-clamav-css-Fn4QSZVVD-ANCHORE-2026-20031VVD-CESS-2026-20016GSD-2024-20386CISCO-SA-FMC-SQL-INJECTION-2QH6CCJDCNVD-2024-43209GHSA-prx7-jm7p-362cCISCO-SA-FMC-CMD-INJ-G8AOKNDPVVD-CESS-2026-20082GHSA-rmc4-86ph-8m7jEUVD-2026-9426EUVD-2026-9457CVE-2024-20473NCSC-2024-0424GHSA-hvpm-hv6g-6m5ccisco-sa-ftd-dnd-dos-bpEcg7B7EUVD-2026-9455CVE-2024-20415CVE-2024-20493TNCVE-2026-20101GHSA-924w-xj2p-25w9VVD-CESS-2026-20073cisco-sa-ftd-snort-bypass-rLggKzVFVVD-CESS-2026-20002cisco-sa-asaftd-desync-n5AVzEQwCVE-2024-20377GHSA-x463-pc3r-q5g5TNCVE-2026-20021VVD-CESS-2026-20044GHSA-p38m-32qc-f4cgCISCO-SA-ASAFTD-NSGACL-BYPASS-77XNEASLGHSA-6vh9-9qf6-mvjjEUVD-2026-9439GHSA-rgg4-82q2-jw5vcisco-sa-ftd-cmd-inj-mTzGZexfCVE-2024-20341CVE-2026-20002TNCVE-2026-20103EUVD-2026-9437CVE-2026-20020cisco-sa-asaftd-dap-dos-bhEkP7nVVD-CESS-2026-20063GHSA-c9c2-73hm-242hTNCVE-2026-20014GHSA-pp78-fggv-r899EUVD-2026-9479CNVD-2024-43205GHSA-83hg-vhh4-2hfhCVE-2026-20021CVE-2026-20023CVE-2024-20403CISCO-SA-ASA-VPN-NYH3FHPGSD-2024-20382EUVD-2026-9441GHSA-9qmm-x6v7-php3EUVD-2026-9456CVE-2024-20299VVD-CISA-2026-20131EUVD-2026-9471ESB-2026.3677CVE-2024-20410GSD-2024-20298cisco-sa-fmc-xss-infodisc-RL4mJFerTNCVE-2026-20106CISCO-SA-ASAFTD-OSPF-ZH8PHBSWGHSA-f3x2-jxv4-r583CVE-2026-20006VVD-CESS-2026-20039CVE-2024-20274GSD-2024-20431CVE-2026-20052CISCO-SA-FTD-DND-DOS-BPECG7B7GSD-2024-20409GHSA-3r4j-q266-j9h3cisco-sa-asa-vpn-cZf8gTGHSA-gvjq-f8m6-m457GHSA-m287-fgwg-4xpcCVE-2026-20044VVD-CESS-2026-20009CVE-2024-20268BDU:2024-08830CNVD-2025-05985CVE-2026-20100EUVD-2026-9480CVE-2024-20482BDU:2024-08575GHSA-2cx5-9j54-v8vqGHSA-v9vp-c2f8-43hhcisco-sa-fmc-xss-dhJxQYZsBDU:2024-10815VVD-CESS-2026-20001CISCO-SA-ASAFTDVIRTUAL-DOS-MUENGNYRCVE-2024-20384CISCO-SA-ASAFTD-SAML-LKTTRWZPBDU:2024-10839TNCVE-2026-20049EUVD-2026-9463GSD-2024-20264GHSA-7874-r67m-25qhBDU:2024-08799CNVD-2024-43203cisco-sa-asaftd-persist-lce-vU3ekMJ3cisco-sa-asa-vpn-4gYEWMKgGHSA-qjf3-5p7q-6r9mGHSA-v4mc-99px-fq68VVD-CESS-2026-20025GSD-2024-20273GHSA-gxcq-9p33-rq8fBDU:2024-10838VVD-CESS-2026-20131GHSA-vrw4-xqvw-j7j7cisco-sa-fmc-cmd-inj-v3AWDqN7CVE-2026-20073cisco-sa-asaftd-saml-LktTrwZPBDU:2024-08846cisco-sa-asaftd-websrvs-dos-X8gNucD2GSD-2024-20526EUVD-2026-9438VVD-CESS-2026-20014BDU:2024-08847BDU:2024-10811

References

advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›