Cisco warns of worrying major security flaw in firewall command center, so patch now

• Cisco found a 10/10 flaw in Secure Firewall Management Center
• It released a patch and advised on possible mitigations
• No evidence of in-the-wild abuse so far, but users should still be on guard

Cisco recently fixed a maximum-severity vulnerability in its Secure Firewall Management Center (FMC) product, and urged users to apply either the patch, or the mitigation, as soon as possible.

FMC is a centralized platform for configuring, monitoring, and analyzing Cisco Secure Firewalls, where users can manage policies, track threat intelligence, and monitor their deployments across endpoints.

As per Cisco’s new security advisory, the vulnerability was discovered in the RADIUS subsystem implementation of FMC. RADIUS (Remote Authentication Dial-In User Service) is a protocol used to authenticate, authorize, and account for FMC administrators and VPN users by integrating with an external identity server.