CISA Orders Emergency Patching of Critical Cisco Firewall Flaw Exploited by Ransomware
The U.S. Cybersecurity and Infrastructure Security Agency has mandated all federal civilian agencies to patch a maximum-severity Cisco firewall vulnerability within three days after it was exploited as a zero-day by the Interlock ransomware group.
Key Points
- Maximum CVSS 10 vulnerability allows unauthenticated remote code execution as root
- Interlock ransomware group exploited as zero-day for several months before patch
- Federal agencies have only three days to patch or discontinue product use
Full Details
CISA has issued an emergency directive requiring all federal civilian agencies to patch CVE-2026-20131, a maximum-severity remote code execution vulnerability in Cisco Secure Firewall Management Center with a CVSS score of 10. The flaw affects the web-based management interface and could allow unauthenticated remote attackers to execute arbitrary Java code as root on affected devices. Cisco patched the vulnerability on March 4 after discovering the Interlock ransomware group had been exploiting it as a zero-day for several months. CISA added the CVE to its Known Exploited Vulnerabilities catalog on March 19, giving agencies just three days to patch or discontinue use of the product if mitigations are unavailable.
Why It Matters
This emergency directive underscores the critical nature of the vulnerability and the urgent threat posed by ransomware groups actively exploiting government infrastructure.
Get stories like this delivered daily
AI-curated news, personalized to your interests. Zero noise.
Start 7-Day Free Trial →More in Global News
One Month Into Iran War: Global Economy Faces Major Disruptions
One month after the US and Israeli war on Iran began, the global economy is experiencing the largest supply disruption in oil market history, with cascading effects on inflation, air travel, food prices, and even semiconductor chip production.
AI Targeting Systems in Iran Conflict Raise 'Cold War' Concerns
Reports confirm Palantir's AI targeting systems used in Ukraine are now being integrated into Iranian drone operations, sparking concerns about an emerging AI arms race and ethical questions about autonomous warfare.
G7 Policymakers Hold Crisis Talks as Iran-Russia War Roils Global Economy
Top western G7 policymakers convened emergency discussions to address the economic turmoil caused by the ongoing Iran-Russia war, as the conflict continues to strain global supply chains and markets.
WTO E-Commerce Duties Moratorium Expires as Global Trade Talks Stall
The global moratorium on customs duties for digital downloads and streaming has expired after WTO ministers in Yaoundé, Cameroon failed to reach an extension agreement, with talks now moving to Geneva.