Cisco warns of max severity Secure FMC flaws giving root access

Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software.
Ars Technica

“Highly capable” hackers root corporate networks by exploiting firewall 0-day

I find this article quite difficult to comprehend, we go from rooting firewalls to somehow magically obtaining Microsoft active directory secrets? There’s no logical flow to how attackers are jumping ...