Cisco security failure: Critical flaws give hackers control

Cisco Secure Firewall products received a March 2026 bundled security update covering ASA, Secure FTD, and Secure FMC.

Cisco has released a March 2026 bundled security update for Secure Firewall ASA, Secure FTD, and Secure FMC, addressing 48 vulnerabilities across 25 advisories, including two CVSS 10.0 flaws in Secure FMC.

Darryl Linington, Published 03/05/2026 🇩🇪

Security Software

Cisco’s semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD bundled publication (released March 4, 2026) includes 25 security advisories covering 48 vulnerabilities, with software updates available to address them.

Two critical Secure FMC flaws headline the release

Cisco lists two Critical issues in Cisco Secure Firewall Management Center (FMC), both rated CVSS 10.0:

CVE-2026-20079 (authentication bypass)
CVE-2026-20131 (remote code execution)

BleepingComputer reports Cisco’s advisories describe remote, unauthenticated exploitation scenarios that can lead to root-level impact on affected systems.

ASA and Secure FTD also get fixes, with multiple high-severity DoS items

Beyond Secure FMC, the bundle includes multiple high-severity entries affecting ASA and Secure FTD, including Remote Access SSL VPN and VPN web-server denial-of-service vulnerabilities (Cisco lists several of these as High with CVSS 8.6 in the bundled table).

Exploitation status and what admins should do

Cisco’s PSIRT has not reported evidence that the two max-severity Secure FMC bugs are being exploited, according to BleepingComputer’s summary of Cisco’s position.

For enterprise environments, the practical guidance is straightforward: apply Cisco’s fixed releases for ASA/FTD/FMC as soon as feasible, prioritizing Secure FMC first because it sits at the center of firewall administration and policy deployment. Cisco’s bundled publication provides the full advisory list and CVEs to map against your deployed versions.

Source(s)

Cisco.com

BleepingComputer

⟨

Warhammer 40,000 Speed Freeks: This Twisted Metal alternative is coming to the PS5 and Xbox Series S|X

Asus ROG celebrates its 20th anniversary with over $20,000 in prizes

⟩

Please share our article, every link counts!

Add as a preferred
source on Google

Loading Comments

Comment on this article

Darryl Linington - Tech Writer - 99 articles published on Notebookcheck since 2025

I’m a tech editor and journalist with over 20 years of experience covering everything from cutting-edge smartphones and AI breakthroughs to gaming hardware and future-forward tech. I have a passion for making complex technology accessible, relatable, and genuinely interesting—especially when it’s something that impacts how we live, work, or play. Outside of journalism, I’m also an author with a deep love for psychological thrillers, horror, and emotionally honest storytelling. My books include Drowning: The Island Saga Book 1, 3:33 a.m.: The Island Saga Book 2, The Midnight Murderer, Keystrokes of Vengeance, and the no-filter self-help guide Life’s Too Short For This Sh!t! Whether I’m writing page-turning mysteries or personal insights, my goal is to connect, provoke thought, and leave an impact. Inspired daily by my daughters and shaped by years of media work and personal growth, I bring purpose, curiosity, and heart to everything I write—tech or fiction.

contact me via: Facebook

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2026 03 > Cisco security failure: Critical flaws give hackers control

Darryl Linington, 2026-03- 5 (Update: 2026-03- 5)

Two critical Secure FMC flaws headline the release

ASA and Secure FTD also get fixes, with multiple high-severity DoS items

Exploitation status and what admins should do

Source(s)

Related Articles