Cisco is warning about a critical remote code execution (RCE) vulnerability in the RADIUS subsystem of its Secure Firewall Management Center (FMC) software.

Cisco FCM is a management platform for the vendor’s Secure Firewall products, which provides a centralized web or SSH-based interface to allow administrators to configure, monitor, and update Cisco firewalls.

RADIUS in FMC is an optional external authentication method that permits connecting to a Remote Authentication Dial-In User Service server instead of local accounts.

This configuration is commonly used in enterprise and government networks where administrators want centralized login control and accounting for network device access.

The recently disclosed vulnerability is tracked as CVE-2025-20265 and received the maximum sever

See Full Page