How to Fix CVE-2026-20063: Cisco Secure Firewall Threat Defense (FTD) Software (Bundle Sibling)
By Sai Kiran Pandrala. Last verified: 2026-05-25.
CVE-2026-20063 is a sibling vulnerability in the same vendor advisory as CVE-2026-20016. Apply the same patched build and you close both. The technical detail below is what differs.
| Severity | 6 (Medium) |
|---|---|
| Actively exploited? | No public listing in CISA KEV |
| Affected | Cisco Secure Firewall Threat Defense (FTD) Software 7.6.0; Cisco Secure Firewall Threat Defense (FTD) Software 7.7.0; Cisco Secure Firewall Threat Defense (FTD) Software 7.6.1; Cisco Secure Firewall Threat Defense (FTD) Software 7.6.2; Cisco Secure Firewall Threat Defense (FTD) Software 7.7.10; Cisco Secure Firewall Threat Defense (FTD) Software 7.6.2.1; Cisco Secure Firewall Threat Defense (FTD) Software 7.7.10.1 |
| Fixed in | Same patched build as CVE-2026-20016 |
| Type (CWE) | CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') |
What's different about CVE-2026-20063?
A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device.
This vulnerability is due to insufficient input validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input for a specific CLI command. A successful exploit could allow the attacker to execute commands on the underlying operating system as root.
How to fix CVE-2026-20063
Apply the patched build per the primary write-up: How to Fix CVE-2026-20016. All commands, verification steps, and rollback notes for Cisco Secure Firewall Threat Defense (FTD) Software are listed there.
Frequently asked questions
Does the CVE-2026-20016 patch close CVE-2026-20063?
Yes. Both CVEs are addressed by the same vendor patch. Applying the patched build closes the full bundle.
Is CVE-2026-20063 listed in CISA KEV?
No public KEV listing at the time of this writing.
Where is the official advisory?
See https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf
References
- Official vendor advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-20063
- CISA KEV catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- Primary: How to Fix CVE-2026-20016
*Written by Sai Kiran Pandrala. Part of the Cisco Secure Firewall Threat Defense (FTD) Software bundle. Full procedure at how-to-fix-cve-2026-20016.*