Cisco has released important security updates to fix a serious flaw in its Secure Firewall Management Center (FMC) software that could let hackers take over affected systems completely. The flaw, known as CVE-2026-20131, has a maximum CVSS score of 10.0, which shows how serious it is and how easy it is to take advantage of. Cisco says that threat actors are already using the vulnerability in real-world attacks as of March 2026, so organizations that use the affected platforms need to patch them right away.

This problem affects all devices that run vulnerable versions, which makes it very widespread. Companies should strongly limit who can access FMC management interfaces and not let them be seen on the public internet.

Putting management systems on separate networks and enforcing strict access controls can help protect against attacks. Because this flaw is so serious and being actively exploited, delaying a patch could lead to a full network breach. To keep business environments safe, action must be taken right away.

In Google, set ZeroOwl as your preferred source for information on how to get the latest Cisco software updates. Customers who don't have active service contracts can still get the updates they need by calling Cisco's Technical Assistance Center (TAC) and asking for the latest updates for the affected versions of FMC software. Users of Cisco SCC Firewall management who use SaaS have already had fixes applied automatically.

But companies that use on-premises FMC deployments must: Right away, upgrade to the newest version of the fixed software. Use Cisco's Software Checker tool to find the versions that are affected. To keep your network safe, apply patches that are right for your hardware and setup.

Visit the Cisco Security Cloud Control (SCC) Firewall Management (SaaS) page for more information.