Sunday , September 21 2025
Firewall

(CVE-2025-20265)
Critical Cisco RCE Flaw: Attackers Can Hijack Firewalls

infosecbulletin Saturday , August 16 2025 Alert

Cisco has revealed a serious remote code execution vulnerability in its Secure Firewall Management Center (FMC) Software. This flaw, identified as CVE-2025-20265 and rated 10.0 on the CVSS scale, allows unauthenticated attackers to execute commands with high privileges. It poses a significant threat to organizations using affected FMC versions with RADIUS authentication enabled.

According to Cisco, “A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.”

EDR-Freeze: A Tool That Puts EDRs And Antivirus Into A Coma State

By infosecbulletin / Sunday , September 21 2025
A new proof-of-concept tool named EDR-Freeze has been developed, capable of placing Endpoint Detection and Response (EDR) and antivirus solutions...
Read More
EDR-Freeze: A Tool That Puts EDRs And Antivirus Into A Coma State

First-ever AI-powered ‘MalTerminal’ Malware Uses OpenAI GPT-4 to Generate Code

By infosecbulletin / Sunday , September 21 2025
AI-driven malware called 'MalTerminal' utilizes OpenAI's GPT-4 to create harmful code like ransomware and reverse shells, indicating a major change...
Read More
First-ever AI-powered ‘MalTerminal’ Malware Uses OpenAI GPT-4 to Generate Code

Gmail Data exposes via ChatGPT Deep Research Agent dubbed “ShadowLeak Zero-Click” Flaw

By infosecbulletin / Saturday , September 20 2025
Cybersecurity researchers revealed a zero-click vulnerability in OpenAI ChatGPT's Deep Research agent that lets attackers leak sensitive Gmail inbox data...
Read More
Gmail Data exposes via ChatGPT Deep Research Agent dubbed “ShadowLeak Zero-Click” Flaw

Cyber attack disrupts several European airports: check-in and boarding systems affected

By infosecbulletin / Saturday , September 20 2025
Several European airports are experiencing flight delays and cancellations due to a cyber attack on a check-in and boarding systems...
Read More
Cyber attack disrupts several European airports: check-in and boarding systems affected

Hacker claim to breach Link3; 189,000 Users data up for sale

By infosecbulletin / Wednesday , September 17 2025
A threat actor claims to have breached Link3, a major IT solutions and internet service provider based in Bangladesh. The...
Read More
Hacker claim to breach Link3; 189,000 Users data up for sale

Check Point Hosts “Securing the Hyperconnected World in the AI Era” in Dhaka

By infosecbulletin / Wednesday , September 17 2025
Check point, a cyber security solutions provider hosts an event titled "securing the hyperconnected world in the AI era" at...
Read More
Check Point Hosts “Securing the Hyperconnected World in the AI Era” in Dhaka

Microsoft Confirms 900+ XSS Vulns Found in IT Services

By infosecbulletin / Tuesday , September 16 2025
Cross-Site Scripting (XSS) is one of the oldest and most persistent vulnerabilities in modern applications. Despite being recognized for over...
Read More
Microsoft Confirms 900+ XSS Vulns Found in IT Services

Daily Security Update Dated : 15.09.2025

By infosecbulletin / Monday , September 15 2025
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated : 15.09.2025

IBM QRadar SIEM Vuln Let Attackers Perform Unauthorized Actions

By infosecbulletin / Monday , September 15 2025
A critical permission misconfiguration in the IBM QRadar Security Information and Event Management (SIEM) platform could allow local privileged users...
Read More
IBM QRadar SIEM Vuln Let Attackers Perform Unauthorized Actions

Major Australian Banks using Army of AI Bots to Scam Scammers

By infosecbulletin / Monday , September 15 2025
Australian banks are now using bots to combat scammers. These bots mimic potential victims to gather real-time information and drain...
Read More
Major Australian Banks using Army of AI Bots to Scam Scammers

The problem arises from inadequate input validation during authentication. An attacker can exploit this by sending malicious input while entering credentials, allowing command execution with high privileges if successful.

Only specific releases are impacted:

Cisco Secure FMC Software versions 7.0.7 and 7.7.0
Only if RADIUS authentication is enabled for the web-based management interface, SSH management, or both.

Cisco confirmed that this vulnerability does not affect:

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
Cisco Secure Firewall Threat Defense (FTD) Software

Cisco warns: “There are no workarounds that address this vulnerability.” However, exploitation is only possible if RADIUS authentication is enabled. To mitigate risk before patching, Cisco recommends switching to:

Local user accounts
External LDAP authentication
SAML single sign-on (SSO)

Cisco has released software updates to fix the flaw. The Cisco Product Security Incident Response Team (PSIRT) states that it is unaware of any public announcements or malicious use of the reported vulnerability.

Check Also

Palo Alto Networks User-ID Credential Agent Vuln Exposes password In Cleartext

A new vulnerability, CVE-2025-4235, in Palo Alto Networks’ User-ID Credential Agent for Windows, could reveal …

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin