Cisco has released urgent patches for a maximum severity flaw (CVSS 10.0) in Secure Firewall Management Center (FMC).

• Allows unauthenticated remote attackers to execute commands with root privileges

• Affects FMC versions 7.0.7 & 7.7.0 when RADIUS authentication is enabled

• No workaround except patching immediately (temporary fix: disable RADIUS)

Organizations using Cisco FMC are strongly advised to apply updates now to prevent potential compromise.

Full advisory available on our website: https://nccc.gov.sl/Alerts_Advisories/