Interlock Ransomware Group Exploits Critical Cisco FMC Vulnerability

The Interlock ransomware group has been exploiting a critical zero-day remote code execution (RCE) vulnerability in Cisco Secure Firewall Management Center (FMC), tracked as CVE-2026-20131 with a CVSS score of 10.0, since late January. The flaw was actively exploited 36 days before its public disclosure. No additional technical details about the vulnerability’s exploitation mechanism or affected FMC versions were provided. The attacks are attributed solely to the Interlock ransomware group, with no other threat actors mentioned. The impact involves unauthorized remote code execution on vulnerable Cisco FMC systems.