κατασκευή ιστοσελίδων ρόδος

TECH - WEB DEVELOPMENT NEWS

Get the latest tech - web development news and analysis on industry around the world.

You are here: Home / INDUSTRY NEWS / Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
.

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution

Aug 15, 2025Ravie LakshmananVulnerability / Network Security
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems.
The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.
The networking equipment major said the issue stems from a lack of proper handling of user input during the authentication phase, as a result of which an attacker could send specially crafted input when entering credentials that get authenticated at the configured RADIUS server.
“A successful exploit could allow the attacker to execute commands at a high privilege level,” the company said in a Thursday advisory. “For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.”
The shortcoming impacts Cisco Secure FMC Software releases 7.0.7 and 7.7.0 if they have RADIUS authentication enabled. There are no workarounds other than applying the patches provided by the company. Brandon Sakai of Cisco has been credited with discovering the issue during internal security testing.

Besides CVE-2025-20265, Cisco has also resolved a number of high-severity bugs –

  • CVE-2025-20217 (CVSS score: 8.6) – Cisco Secure Firewall Threat Defense Software Snort 3 Denial-of-Service Vulnerability
  • CVE-2025-20222 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series IPv6 over IPsec Denial-of-Service Vulnerability
  • CVE-2025-20224, CVE-2025-20225, CVE-2025-20239 (CVSS scores: 8.6) – Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial-of-Service Vulnerabilities
  • CVE-2025-20133, CVE-2025-20243 (CVSS scores: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial-of-Service Vulnerabilities
  • CVE-2025-20134 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL/TLS Certificate Denial-of-Service Vulnerability
  • CVE-2025-20136 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial-of-Service Vulnerability
  • CVE-2025-20263 (CVSS score: 8.6) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Web Services Denial-of-Service Vulnerability
  • CVE-2025-20148 (CVSS score: 8.5) – Cisco Secure Firewall Management Center Software HTML Injection Vulnerability
  • CVE-2025-20251 (CVSS score: 8.5) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial-of-Service Vulnerability
  • CVE-2025-20127 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial-of-Service Vulnerability
  • CVE-2025-20244 (CVSS score: 7.7) – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial-of-Service Vulnerability

While none of the flaws have come under active exploitation in the wild, with network appliances repeatedly getting caught in the attackers’ crosshairs, it’s essential that users move quickly to update their instances to the latest version.

Source: thehackernews.com

Kuttram Purindhavan: The Guilty One OTT Release: Pasupathy’s Gripping Thriller Coming Soon

Kuttram Purindhavan: The Guilty One is an intense Tamil suspense thriller which looks at the moralities, secrets and consequences of hidden sins. Driven by Pasupathy's commanding central performance, the series looks at how one man's actions start to infect him with guilt, turmoil and moral ambiguity. A reluctant protagonist driven to desperation, the story holds out cerebral tension and internal … [Read More...]

Someone built an ESP32 handheld NES emulator as their "first embedded project," and I wish all my first projects went this well, too

My first projects don't always turn out as planned. But that's okay, you know? Because the first time is always a learning experience. It's all about getting accustomed to the situation, figuring out how to accomplish tasks, and laying a foundation for future endeavors. And I remind myself that those early projects are essential, as a way to "fail forward" and keep improving. And I love them for … [Read More...]

Tornado OTT Release Date: When and Where to Watch This British Period Drama Online?

Written and directed by John Maclean, Tornado is a British period drama movie that stars Koki in the lead role. The film revolves around Tornado, a samurai fighter, who embarks on a quest to take revenge for his father's murder and steal the gold of the loot. However, things get intense when she finally crosses paths with a crime gang led by the Sugarman and his son, Little Sugar. The movie has … [Read More...]

New WireTap Attack Break Server SGX To Exfiltrate Sensitive Data

A newly disclosed vulnerability, named the WireTap attack, allows attackers with physical access to break the security of Intel’s Software Guard eXtensions (SGX) on modern server processors and steal sensitive information. A research paper released in October 2025 details how this method can extract cryptographic keys from supposedly secure SGX enclaves using a low-cost setup, challenging the … [Read More...]

Microsoft to Disable Inline SVG Images Display to Outlook for Web and Windows Users

Microsoft has announced a significant security enhancement for Outlook users, implementing the retirement of inline SVG image support across Outlook for Web and the new Outlook for Windows platforms.  This change represents a proactive measure to strengthen email security infrastructure and protect users from potential cybersecurity threats. The rollout timeline has been strategically … [Read More...]

5 tips for setting up guest Wi-Fi that isn't a danger to your home

Having guests over is great until they ask for the Wi-Fi password. I'm then faced with the awkward dance of finding that crumpled sticky note, dictating a convoluted string of alphanumeric characters, and hoping they type it in correctly. But the real problem is how guests feel like I'm inviting a security nightmare home. Digitally, handing out my main Wi-Fi password is like giving a stranger a … [Read More...]

Wolverine: 4 Marvel characters we'd love to see meet up with Logan

During the State of Play presentation for September 2025, Insomniac Game finally gave everyone an official first look at their upcoming Wolverine game. What was very clear from the start was that this would be different from what fans have come to expect from the studio, given their Spider-Man titles were wildly successful. For many people who love Marvel Comics, Wolverine is a character that … [Read More...]