The Cisco Secure Firewall Management Center Software is a network security solution used to manage and monitor firewall configurations. This vulnerability allows an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device, potentially leading to unauthorized access and data breaches.
You're affected if you use A vulnerability. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.
Upgrade to Cisco Secure FMC Software version 3.4.x or later.
- For immediate mitigations:
- Restrict network access to your Cisco Secure FMC instance (firewall it from the public internet)
- Audit admin account activity for suspicious access patterns
- Monitor for unauthorized token creation