Cisco have recently fixed numerous security bugs in multiple products. These also include a critical security fix in Cisco Firepower Management Center (FMC) software. Users must ensure they update their devices to the latest patched versions at the earliest.
Cisco has fixed a critical security Flaw in its Firepower Management Center (FMC). As explained in their advisory, the vulnerability existed in the web-based interface of the tool. And, upon exploitation, the bug could allow remote code execution with admin privileges on the device while bypassing authentication.
Regarding the vulnerability, CVE-2019-16028, the advisory reads,
The flaw was deemed critical with a CVSS score of 9.8. It posed a threat to devices that allow authentication of web-based management interface users via an external LDAP server.
Cisco have released a fix for the bug in Cisco FMC software releases. Whereas, for those using earlier releases, Cisco recommends,