Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerabilities

SecurityVulns
Yanac

Multiple vulnerabilities in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to access files that they are not authorized to access.<br><br>
For more information about these vulnerabilities, see the <a href=”https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-authz-bypass-M7xhnAu?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerabilities%26vs_k=1#details”>Details</a> section of this advisory.<br><br>
Cisco has released software updates that address these vulnerabilities. There are workarounds that address these vulnerabilities.<br><br>
This advisory is available at the following link:<br><a href=”https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-authz-bypass-M7xhnAu”>https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-authz-bypass-M7xhnAu</a><br><br>

This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href=”https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75415″>Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication</a>.<br><br>

<br/>Security Impact Rating: Medium

<br/>CVE: CVE-2025-20301,CVE-2025-20302Cisco Security AdvisoryRead More