Detections
Analytics

Cisco Firepower Management Center Software RCE (cisco-sa-fmc-radius-rce-TNBKf79)

critical Nessus Plugin ID 253650

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwo91250

See Also

http://www.nessus.org/u?68f29823

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwo91250

Plugin Details

Severity: Critical

ID: 253650

File Name: cisco-sa-fmc-radius-rce-TNBKf79.nasl

Version: 1.1

Type: local

Family: CISCO

Published: 8/22/2025

Updated: 8/22/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.9

CVSS v3

Risk Factor: Critical

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:cisco:firepower_management_center

Required KB Items: Host/Cisco/firepower_mc/version

Patch Publication Date: 8/14/2025

Vulnerability Publication Date: 8/14/2025

Reference Information

CVE: CVE-2025-20265

CISCO-SA: cisco-sa-fmc-radius-rce-TNBKf79

IAVA: 2025-A-0612

CISCO-BUG-ID: CSCwo91250