InfoSecBulletin Cybersecurity for mankind
Cisco has published updates to fix a security issue in the Integrated Management Controller (IMC). If this flaw is used successfully, a remote attacker without authorization could skip authentication and access the system with higher privileges.
The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0.
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Critical Cisco ISE Vulnerability Enables Remote Code Execution
F5 Patches NGINX Flaw for Code Execution and DoS Attacks
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally
New Rokarolla Android malware hits 217 banking and crypto apps
Phishing Campaign Exploits Legitimate Microsoft Login Flow
ALERT
Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks
“Panthalassa” builds floating AI data centers powered by ocean waves
Critical Wazuh Vuln Enables Alert Tampering and Evidence Deletion
“This vulnerability is due to incorrect handling of password change requests,” Cisco said in an advisory released Wednesday. “An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device.”
“A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.”
Security researcher “jyh” found and reported the issue. This problem affects the products listed here no matter how the device is set up:
5000 Series Enterprise Network Compute Systems (ENCS) – Fixed in 4.15.5
Catalyst 8300 Series Edge uCPE – Fixed in 4.18.3
UCS C-Series M5 and M6 Rack Servers in standalone mode – Fixed in 4.3(2.260007), 4.3(6.260017), and 6.0(1.250174)
UCS E-Series Servers M3 – Fixed in 3.2.17
UCS E-Series Servers M6 – Fixed in 4.15.3
Cisco fixed another serious flaw that affects Smart Software Manager On-Prem (SSM On-Prem). This issue could let a remote attacker, who is not logged in, run any commands on the system. The flaw, called CVE-2026-20160 (CVSS score: 9.8), comes from accidentally revealing an internal service.
“An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service,” Cisco said. “A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.”
Patches for the issue are out in Cisco SSM On-Prem version 9-202601. Cisco stated the problem was found internally while handling a Cisco Technical Assistance Center (TAC) support case.
