Cisco FMC Zero-Day CVE-2026-20131 Exploited by Interlock Ransomware: What Network Security Engineers Must Do Now
CVE-2026-20131 is a CVSS 10.0 critical vulnerability in Cisco Secure Firewall Management Center (FMC) that allows unauthenticated remote attackers to execute arbitrary code as root through an insecure deserialization flaw in the web management interface. The Interlock ransomware group exploited it as a zero-day for 36 days before Cisco disclosed and patched it on March 4, 2026. If you run FMC to manage your FTD firewalls, stop reading and patch now — then come back. ...