Overview

• CVE-2025-20265 was discovered by Cisco researcher Brandon Sakai during internal testing and carries the highest severity rating of 10.0 on the CVSS scale.
• The flaw in the RADIUS subsystem allows unauthenticated, remote attackers to inject arbitrary shell commands on affected Secure FMC instances.
• Only Secure Firewall Management Center versions 7.0.7 and 7.7.0 configured with RADIUS authentication for web or SSH are at risk.
• August 2025 advisories bundle patches for this critical vulnerability alongside over a dozen high- and medium-severity bugs spanning DoS, HTML injection, SSRF and VPN issues.
• Cisco reports no signs of in-the-wild exploitation and warns that applying the vendor patches is the sole mitigation available.