By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
Tech News

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

By Viral Trending Content 4 Min Read
Share
SHARE

Aug 15, 2025Ravie LakshmananVulnerability / Network Security

Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems.

The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.

The networking equipment major said the issue stems from a lack of proper handling of user input during the authentication phase, as a result of which an attacker could send specially crafted input when entering credentials that get authenticated at the configured RADIUS server.

“A successful exploit could allow the attacker to execute commands at a high privilege level,” the company said in a Thursday advisory. “For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.”

The shortcoming impacts Cisco Secure FMC Software releases 7.0.7 and 7.7.0 if they have RADIUS authentication enabled. There are no workarounds other than applying the patches provided by the company. Brandon Sakai of Cisco has been credited with discovering the issue during internal security testing.

Identity Security Risk Assessment

Besides CVE-2025-20265, Cisco has also resolved a number of high-severity bugs –

  • CVE-2025-20217 (CVSS score: 8.6) – Cisco Secure Firewall Threat Defense Software Snort 3 Denial-of-Service Vulnerability
  • CVE-2025-20222 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series IPv6 over IPsec Denial-of-Service Vulnerability
  • CVE-2025-20224, CVE-2025-20225, CVE-2025-20239 (CVSS scores: 8.6) – Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial-of-Service Vulnerabilities
  • CVE-2025-20133, CVE-2025-20243 (CVSS scores: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial-of-Service Vulnerabilities
  • CVE-2025-20134 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL/TLS Certificate Denial-of-Service Vulnerability
  • CVE-2025-20136 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial-of-Service Vulnerability
  • CVE-2025-20263 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Web Services Denial-of-Service Vulnerability
  • CVE-2025-20148 (CVSS score: 8.5) – Cisco Secure Firewall Management Center Software HTML Injection Vulnerability
  • CVE-2025-20251 (CVSS score: 8.5) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial-of-Service Vulnerability
  • CVE-2025-20127 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial-of-Service Vulnerability
  • CVE-2025-20244 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial-of-Service Vulnerability

While none of the flaws have come under active exploitation in the wild, with network appliances repeatedly getting caught in the attackers’ crosshairs, it’s essential that users move quickly to update their instances to the latest version.

You Might Also Like

Samsung Project Moohan gets Rumoured Release Date

How Nothing OS Uses AI to Personalize Your Digital World

Geotab Strengthens Global Footprint and Small to Mid-Sized Fleet Solutions with Acquisition of Verizon Connect’s International Commercial Operations in Europe and Australia

Our Favorite All-in-One Printer and Scanner Is $50 Off

Four Dublin start-ups awarded at 2025 New Frontiers showcase

TAGGED: Cisco, Cyber Security, Cybersecurity, Denial of Service, Firewall, Internet, network security, RADIUS, Remote Code Execution, Vulnerability
Share This Article
Facebook Twitter Copy Link
Previous Article Corporate bonds in 2–3 year segment offer ‘best bang for buck’: Shriram Ramanathan
Next Article Presale crypto: Bitcoin Penguins surges past $3.4M with just 2 weeks left
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Samsung Project Moohan gets Rumoured Release Date
Tech News
Bitcoin HODLer Selling Cooling Off As ETF Inflows Return: Glassnode
Crypto
Trump pledges to safeguard Qatar’s security after Israeli strike on Hamas negotiators
World News
Munich airport closes after drones spotted nearby
World News
Here are 37 gold stocks I’ve ‘bought’ as bullion prices soar!
Business
Want rental income without buying property? REITs could be the answer
Business
How Nothing OS Uses AI to Personalize Your Digital World
Tech News

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Samsung Project Moohan gets Rumoured Release Date

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Samsung Project Moohan gets Rumoured Release Date
October 3, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?