#VU114092 Improper Neutralization of Special Elements in Output Used by a Downstream Component in Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC) - CVE-2025-20265

Published: August 14, 2025 / Updated: September 26, 2025


Vulnerability identifier: #VU114092
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2025-20265
CWE-ID: CWE-74
Exploitation vector: Remote access
Exploit availability: Public exploit is available
Vulnerable software:
Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC)
Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system.

The vulnerability exists due to improper neutralization of user-supplied input in the RADIUS subsystem of Cisco Secure FMC Software during the authentication phase (CWE-74, injection). Credentials submitted to the web-based management interface or to SSH are passed to a downstream component without proper handling, so an attacker can supply specially crafted input in place of a username or password and have shell commands injected and executed on the device at a high privilege level. No valid account is required (PR:N in the CVSS vector above); the attacker only needs network access to a management interface that authenticates against RADIUS.

Note, for this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both. Deployments that use only local accounts, LDAP, or SAML single sign-on are not exposed through this code path.
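The injection pattern described above, shown as a generic added illustration (this is not Cisco's code and does not reproduce the FMC implementation): a credential field is spliced into a shell command line, so shell metacharacters in the credential are interpreted by /bin/sh, the downstream component. The hypothetical helper uses `printf` as a stand-in for an external RADIUS client binary so that it runs offline; the sample payload is constructed for the demonstration. The hardened forms pass the value as a single argv element (no shell), quote it with `shlex.quote` where a shell cannot be avoided, and reject values that do not match an allow-list before they reach any downstream interpreter.

```python
"""Generic CWE-74 shell command injection via a credential field (hypothetical, not Cisco's code)."""
import re
import shlex
import subprocess

# Hypothetical stand-in for an external RADIUS client binary. A real product would
# call its RADIUS library; `printf` is used here only so the example runs offline.
CLIENT = "printf"

# Constructed sample input: a "username" carrying a shell metacharacter and a second command.
PAYLOAD = "admin; echo INJECTED"


def radius_probe_vulnerable(username: str) -> str:
    """Vulnerable form: the untrusted username is concatenated into a shell command string.
    With shell=True, /bin/sh parses the string, so ';' ends the printf command and
    'echo INJECTED' runs as a separate command."""
    cmd = f"{CLIENT} '%s' {username}"
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return result.stdout


def radius_probe_hardened(username: str) -> str:
    """Hardened form: no shell at all. The username is one argv element, so the
    downstream program receives it verbatim and no metacharacter is interpreted."""
    result = subprocess.run([CLIENT, "%s", username], capture_output=True, text=True)
    return result.stdout


def radius_probe_quoted(username: str) -> str:
    """If a shell is unavoidable, neutralize the value for that shell with shlex.quote.
    The quoted value is passed to printf as a single argument."""
    cmd = f"{CLIENT} '%s' {shlex.quote(username)}"
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return result.stdout


# Allow-list for usernames (assumed policy for this example): letters, digits, . _ @ -
USERNAME_RE = re.compile(r"[A-Za-z0-9._@-]{1,64}")


def username_is_sane(username: str) -> bool:
    """Defense in depth: reject anything outside the allow-list before it reaches
    any downstream component, regardless of how that component is invoked."""
    return USERNAME_RE.fullmatch(username) is not None


if __name__ == "__main__":
    print("vulnerable :", repr(radius_probe_vulnerable(PAYLOAD)))  # contains INJECTED
    print("hardened   :", repr(radius_probe_hardened(PAYLOAD)))    # literal payload, nothing executed
    print("quoted     :", repr(radius_probe_quoted(PAYLOAD)))      # literal payload, nothing executed
    print("allow-list :", username_is_sane(PAYLOAD), username_is_sane("admin"))
```

The vulnerable variant returns output containing `INJECTED`, proving the second command ran; both hardened variants return the payload as a literal string, and the allow-list check rejects it before any downstream call is made. Switching from string concatenation plus `shell=True` to an argument list is the fix that removes the injection class entirely; the allow-list is an additional layer, not a substitute.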


Remediation

Install the fixed software release from the vendor's website. Until the fixed release is installed, Cisco's advisory lists switching the affected management interfaces (web and SSH) from RADIUS to another authentication source, such as local user accounts, external LDAP, or SAML single sign-on, as a mitigation, since the vulnerable code path is only reached when RADIUS authentication is configured. Verify after patching that RADIUS, if re-enabled, is only reachable from trusted management networks.

External links