CISA Adds One Known Exploited Vulnerability to Catalog
Summary
CISA has added CVE-2026-20131, a deserialization vulnerability in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management, to its Known Exploited Vulnerabilities (KEV) Catalog. This addition is due to evidence of active exploitation, highlighting its significant risk to organizations, particularly federal agencies.
IFF Assessment
The addition of an actively exploited vulnerability to the KEV catalog indicates a new threat vector that defenders must urgently address.
Severity
Defender Context
The inclusion of this vulnerability in the KEV catalog signifies that it is actively being exploited in the wild, posing an immediate threat. Defenders should prioritize patching or mitigating this vulnerability across their Cisco environments to prevent potential compromise.