Cybersecurity Alert – Cisco Secure Firewall Management Center Vulnerability
Impact: All Firms
FINRA member firms that use Cisco Secure Firewall Management Center (FMC) Software should be aware of a critical vulnerability that could allow a remote attacker to run malicious code on firm systems with full administrative privileges. This Cybersecurity Alert includes a link to a Cisco Security Advisory describing the vulnerability that includes additional guidance. FINRA recommends that member firms review this information with appropriate information technology and information security personnel.
Note: FINRA also contacted firms that indicated through FINRA’s Third-Party Vendor Questionnaire that they use Cisco products.
Summary
On Aug. 14, 2025, Cisco published a Security Advisory regarding a critical vulnerability (CVE-2025-20265) affecting its Secure FMC Software, versions 7.0.7 and 7.7.0, when RADIUS authentication (a protocol used to verify user logins) is enabled. This vulnerability could allow a remote attacker to run malicious code on firm systems with full administrative privileges, potentially leading to system takeover, data theft or disruption of services.
Recommendation to Protect Your Firm
To protect against this vulnerability, FINRA recommends member firms follow Cisco’s guidance within the Security Advisory. According to Cisco, there are no workarounds that address this vulnerability.
FINRA encourages member firms that identify data breaches or attempted data breaches to contact their Risk Monitoring Analyst and report them to:
- FINRA using the Regulatory Tip Form found on FINRA.org;
- the SEC using the Tips, Complaints, and Referrals form or by calling (202) 551-4790; and
- the FBI using its Internet Crime Complaint Center or by calling 1-800-CALLFBI (1-800-225-5324).
Additionally, both the FBI and the Cybersecurity & Infrastructure Security Agency (CISA) urge organizations to promptly report cyber incidents to a local FBI Field Office or the FBI Internet Crime Complaint Center (IC3) at IC3.gov, and to CISA via CISA’s 24/7 Operations Center ([email protected] or 888-282-0870).
Questions related to this Alert or other cybersecurity-related topics can be emailed to the FINRA Cyber and Analytics Unit (CAU).
Note: This Alert does not create new legal or regulatory requirements or new interpretations of existing requirements, nor does it relieve firms of any existing obligations under federal securities laws, regulations, and FINRA rules. Member firms may consider the information in this Alert in developing new, or modifying existing, policies and procedures that are reasonably designed to achieve compliance with relevant regulatory obligations based on the member firm’s size and business model. Moreover, some information may not be relevant due to certain firms’ business models, sizes, or practices.
If you would like to add or change who receives this email, please update your firm’s Chief Information Security Officer (CISO), Chief Compliance Officer (CCO), Chief Risk Officer (CRO) and/or Anti-Money Laundering Compliance Officer (AMLCO) contacts in FINRA Gateway.