Cisco has released patches for a critical security vulnerability in its Secure Firewall Management Center (FMC) Software that could allow unauthenticated attackers to remotely execute arbitrary code. Tracked as CVE-2025-20265 and rated CVSS 10.0, the flaw affects FMC versions 7.0.7 and 7.7.0 when RADIUS authentication is enabled for web-based or SSH management access. The vulnerability stems from improper input validation during the authentication process, allowing malicious actors to send specially crafted credentials that inject shell commands into the system.
Source: cisco.com.
According to Cisco’s advisory, successful exploitation grants the attacker high-privilege access, making the flaw especially dangerous for environments that rely on RADIUS for centralized authentication. The exploit is possible without any prior authentication, significantly widening the attack surface. Cisco has confirmed that no workaround exists, and urgent patching is required to mitigate the threat. The vulnerability was discovered internally by Cisco security researcher Brandon Sakai during routine security assessments.
The issue highlights the risk of misconfigured or vulnerable authentication systems in enterprise-grade security infrastructure. Cisco urges all customers running affected versions to apply the security updates immediately. The flaw is limited to systems with RADIUS enabled, so medical and healthcare organizations not using that feature are not at risk—but are still encouraged to update for future protection.
