Alert GCSA-26030 - Vulnerabilita' critiche in apparati Cisco
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-26030
data: 05 marzo 2026
titolo: Vulnerabilita' critiche in apparati Cisco
******************************************************************
:: Descrizione del problema
Cisco ha rilasciato la pubblicazione "bundled marzo 2026" degli avvisi di sicurezza
per i software Cisco Secure Firewall ASA, Secure FMC e Secure FTD.
La pubblicazione include 25 avvisi che descrivono 48 vulnerabilita',
ed i relativi aggiornamenti software che le risolvono.
Due vulnerabilita' che riguardano il prodotto Firewall Management Center (FMC)
sono di livello critico (CVSS Base score 10)
CVE-2026-20079 Authentication Bypass Vulnerability
CVE-2026-20131 Remote Code Execution Vulnerability
entrambe possono essere sfruttate da remoto e senza autenticazione.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Apparati interessati
Cisco Secure Firewall Adaptive Security Appliance (ASA)
Cisco Secure Firewall Management Center (FMC)
Cisco Secure Firewall Threat Defense (FTD)
ClamAV
:: Impatto
Denial of Service (DoS)
Bypass delle funzionalita' di sicurezza (SFB)
Esecuzione remota di codice arbitrario (RCE)
Cross-site Scripting (XSS)
SQL injection (SQLi)
Accesso a dati riservati (ID)
Falsificazione dei dati (Spoofing)
Attacco all'integrita' dei dati (Data Manipulation)
Acquisizione di privilegi piu' elevati (EoP)
:: Soluzioni
Si consiglia di valutare l'impatto delle vulnerabilita' sui dispositivi in uso,
e di aggiornare il prima possibile.
E' possibile utilizzare Cisco Software Checker
https://sec.cloudapps.cisco.com/security/center/softwarechecker.x
per determinare il patching appropriato.
Prima dell'installazione del software, consultare il sito del fornitore per maggiori dettagli.
:: Riferimenti
March 2026 Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75736
Cisco Security Advisories
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
Cisco ASA
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-FCvLD6vR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-scpcxt-filecpy-rgeP73nE
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-keybypass-cr5xPUSf
Cisco ASA / FTD
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclbypass-dos-CVxVRSvQ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-cmd-inj-ZJV8Wysm
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-desync-n5AVzEQw
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-esp-dos-uv7yD8P5
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-eBueGdEG
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-luainject-VescqgmS
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospf-ZH8PhbSW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-LktTrwZP
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-SpOFF2Re
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-xss-uwjc4HR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf
Cisco FTD / Snort 3
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dnd-dos-bpEcg7B7
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-bypass-rLggKzVF
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3ssl-FBEKYXpH
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-rHfqnwRg
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-vbavuls-96UcVVed
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-multi-dos-XFWkWSwz
Cisco FTD / FMC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dir-trav-wERgjhWq
Cisco FMC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inject-S9ZM4EJf
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inject-2EnmTC8v
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-injection-2qH6CcJd
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2
ClamAV
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-css-Fn4QSZ
Cisco Webex Services
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-TZFTbbwN
Bleeping Computer
https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-secure-fmc-flaws-giving-root-access/
Cisco Event Response: Continued Attacks Against Cisco Firewalls
https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaald4g0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCu5kAnRtfj15gzgKeFDi/QCiOPlEjVTMzAKCU44Z8+MqJ
VVaNX5ZVivD4qVxDlg==
=F4+F
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-26030
data: 05 marzo 2026
titolo: Vulnerabilita' critiche in apparati Cisco
******************************************************************
:: Descrizione del problema
Cisco ha rilasciato la pubblicazione "bundled marzo 2026" degli avvisi di sicurezza
per i software Cisco Secure Firewall ASA, Secure FMC e Secure FTD.
La pubblicazione include 25 avvisi che descrivono 48 vulnerabilita',
ed i relativi aggiornamenti software che le risolvono.
Due vulnerabilita' che riguardano il prodotto Firewall Management Center (FMC)
sono di livello critico (CVSS Base score 10)
CVE-2026-20079 Authentication Bypass Vulnerability
CVE-2026-20131 Remote Code Execution Vulnerability
entrambe possono essere sfruttate da remoto e senza autenticazione.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Apparati interessati
Cisco Secure Firewall Adaptive Security Appliance (ASA)
Cisco Secure Firewall Management Center (FMC)
Cisco Secure Firewall Threat Defense (FTD)
ClamAV
:: Impatto
Denial of Service (DoS)
Bypass delle funzionalita' di sicurezza (SFB)
Esecuzione remota di codice arbitrario (RCE)
Cross-site Scripting (XSS)
SQL injection (SQLi)
Accesso a dati riservati (ID)
Falsificazione dei dati (Spoofing)
Attacco all'integrita' dei dati (Data Manipulation)
Acquisizione di privilegi piu' elevati (EoP)
:: Soluzioni
Si consiglia di valutare l'impatto delle vulnerabilita' sui dispositivi in uso,
e di aggiornare il prima possibile.
E' possibile utilizzare Cisco Software Checker
https://sec.cloudapps.cisco.com/security/center/softwarechecker.x
per determinare il patching appropriato.
Prima dell'installazione del software, consultare il sito del fornitore per maggiori dettagli.
:: Riferimenti
March 2026 Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75736
Cisco Security Advisories
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
Cisco ASA
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-FCvLD6vR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-scpcxt-filecpy-rgeP73nE
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-keybypass-cr5xPUSf
Cisco ASA / FTD
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-aclbypass-dos-CVxVRSvQ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-cmd-inj-ZJV8Wysm
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-desync-n5AVzEQw
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-esp-dos-uv7yD8P5
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-eBueGdEG
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-luainject-VescqgmS
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospf-ZH8PhbSW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-LktTrwZP
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-SpOFF2Re
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-xss-uwjc4HR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf
Cisco FTD / Snort 3
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dnd-dos-bpEcg7B7
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-bypass-rLggKzVF
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3ssl-FBEKYXpH
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-rHfqnwRg
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-vbavuls-96UcVVed
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-multi-dos-XFWkWSwz
Cisco FTD / FMC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-dir-trav-wERgjhWq
Cisco FMC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inject-S9ZM4EJf
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inject-2EnmTC8v
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-injection-2qH6CcJd
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-fmc-authbypass-5JPp45V2
ClamAV
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-css-Fn4QSZ
Cisco Webex Services
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-TZFTbbwN
Bleeping Computer
https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-secure-fmc-flaws-giving-root-access/
Cisco Event Response: Continued Attacks Against Cisco Firewalls
https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaald4g0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCu5kAnRtfj15gzgKeFDi/QCiOPlEjVTMzAKCU44Z8+MqJ
VVaNX5ZVivD4qVxDlg==
=F4+F
-----END PGP SIGNATURE-----