TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Infosecurity Magazine

CISA Orders US Government to Patch Maximum Severity Cisco Flaw

2026-03-23

ATT&CK techniques detected

4 predictions
T1190 Exploit Public-Facing Application
83%
“entry also has a warning note attached stating that the CVE is “known to be used in ransomware campaigns.” Cisco Secure Firewall Management Center (FMC) is described by the vendor as providing an “administrative nerve center” for Cisco network security products. It delivers…”
T1190 Exploit Public-Facing Application
70%
“CISA Orders US Government to Patch Maximum Severity Cisco Flaw The US Cybersecurity and Infrastructure Security Agency (CISA) has told all federal civilian agencies to patch a critical remote code execution (RCE) vulnerability in a Cisco firewall product, as ransomware actors…”
T1068 Exploitation for Privilege Escalation
55%
“entry also has a warning note attached stating that the CVE is “known to be used in ransomware campaigns.” Cisco Secure Firewall Management Center (FMC) is described by the vendor as providing an “administrative nerve center” for Cisco network security products. It delivers…”
T1003 OS Credential Dumping
41%
“exploitation tools and techniques for persistence. These included a PowerShell script for Windows environment enumeration, and two custom remote access trojans (RATs), written in JavaScript and Java, for persistent control. Also spotted by AWS was a “persistent memory-reside…”

Summary

CISA added CVE-2026-20131 to its KEV catalog because it is being used in ransomware campaigns.