Is Cisco affected by CVE-2026-20044?

CVE-2026-20044 presents moderate security risk, a improper privilege management vulnerability rated CVSS 6.0. Attackers could gain access beyond their authorized level. Organizations should apply vendor updates when available and monitor for exploitation.

CVE-2026-20044

MEDIUM

2026-03-04 [email protected]

6.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:05 vuln.today

CVE Published

Mar 04, 2026 - 18:16 nvd

MEDIUM 6.0

Description

A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, local attacker to perform arbitrary commands as root. This vulnerability is due to insufficient restrictions on remediation modules while in lockdown mode. An attacker could exploit this vulnerability by sending crafted input to the system CLI of the affected device. A successful exploit could allow the attacker to run arbitrary commands or code as root, even when the system is in lockdown mode. To exploit this vulnerability, the attacker must have valid administrative credentials.

Analysis

Cisco Secure Firewall Management Center lockdown bypass allows authenticated local administrators to execute arbitrary commands as root by sending crafted CLI input that exploits insufficient restrictions on remediation modules. An attacker with valid admin credentials can circumvent lockdown protections to achieve full system compromise. …

Remediation

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +30

POC: 0

CVE-2026-20044 vulnerability details – vuln.today

Back

CVE-2026-20044

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-20044

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code