Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability

SecurityVulns
Yanac

A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as <em>root</em>.<br><br>
This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid <em>Administrator&nbsp;</em>credentials.<br><br>
For more information about vulnerable scenarios, see the <a href=”https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-ftd-cmdinj-PhE7kmT?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability%26vs_k=1#details”>Details</a> section of this advisory.<br><br>

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br>
This advisory is available at the following link:<br><a href=”https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-ftd-cmdinj-PhE7kmT”>https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-ftd-cmdinj-PhE7kmT</a><br><br>

This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href=”https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75415″>Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication</a>.<br><br>

<br/>Security Impact Rating: Medium

<br/>CVE: CVE-2025-20220Cisco Security AdvisoryRead More