Key Takeaways
1. Cisco released 25 security advisories for Secure Firewall ASA, Secure FMC, and Secure FTD, identifying a total of 48 vulnerabilities.
2. Two critical vulnerabilities in Cisco Secure Firewall Management Center (FMC) have a CVSS score of 10.0, allowing for potential remote, unauthenticated attacks.
3. High-severity vulnerabilities were also found in ASA and Secure FTD, including issues with Remote Access SSL VPN and denial-of-service in VPN web servers, with scores up to 8.6.
4. There is currently no evidence of active exploitation for the critical vulnerabilities in Secure FMC.
5. Enterprises are advised to promptly implement Cisco’s fixed versions for ASA/FTD/FMC, prioritizing Secure FMC for firewall management and policy implementation.
Cisco has released its biannual publication for the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD on March 4, 2026. This release contains 25 security advisories that highlight a total of 48 vulnerabilities, with updates provided to rectify these issues.
Critical Vulnerabilities Identified
Among the advisories, there are two critical vulnerabilities in the Cisco Secure Firewall Management Center (FMC), both rated with a CVSS score of 10.0. According to reports from BleepingComputer, these advisories outline scenarios where remote, unauthenticated attacks could result in significant damage to the systems impacted.
High-Severity Issues in Other Products
In addition to the Secure FMC issues, the publication also notes several high-severity vulnerabilities related to ASA and Secure FTD. This includes problems with Remote Access SSL VPN and denial-of-service vulnerabilities in VPN web servers. Cisco categorizes several of these concerns as high, with a CVSS score of 8.6 included in the publication’s table.
Guidance for Enterprises
As per BleepingComputer’s summary of Cisco’s stance, there is no current evidence suggesting that the two maximum-severity vulnerabilities in Secure FMC are actively being exploited. For enterprises, the recommended action is clear: promptly implement Cisco’s fixed versions for ASA/FTD/FMC, giving priority to Secure FMC, since it plays a crucial role in firewall management and policy implementation. Cisco’s bundled publication includes the complete list of advisories and CVEs to assist organizations in assessing their deployed versions.
Source:
Link