
Cisco Patches 9.8 CVSS IMC and SSM Flaws Permitting Remote System Compromise

Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges.

The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0.

“This vulnerability is due to improper handling of password change requests,” Cisco said in an advisory released Wednesday. “An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device.”

“A successful exploit could allow the attacker to bypass authentication, change the passwords of any user on the system, including an Admin user, and gain access to the system as that user.”
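The defect class Cisco describes, a password-change handler that does not bind the request to an authenticated identity, is easiest to understand side by side with the hardened form. The following is an added illustration, not Cisco's IMC code and not derived from the advisory: the in-memory user store, session table, request shape and the two handlers are all constructed for the example.

```python
"""Password-change authorization: weak pattern beside the hardened one.

Added example, not Cisco code. Models the class of defect the advisory
describes (a password change that trusts the target username in the
request instead of the authenticated session). Users, sessions and the
request dictionaries are constructed for this example.
"""
from dataclasses import dataclass
import hashlib
import hmac
import secrets


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 with a modest iteration count so the example runs quickly
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


@dataclass
class User:
    name: str
    role: str
    salt: bytes
    pw_hash: bytes


class AuthError(Exception):
    pass


class Store:
    """Constructed in-memory user and session store."""

    def __init__(self) -> None:
        self.users: dict[str, User] = {}
        self.sessions: dict[str, str] = {}  # session token -> username

    def add_user(self, name: str, role: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.users[name] = User(name, role, salt, _hash_password(password, salt))

    def check_password(self, name: str, password: str) -> bool:
        u = self.users[name]
        return hmac.compare_digest(u.pw_hash, _hash_password(password, u.salt))

    def login(self, name: str, password: str) -> str:
        if name not in self.users or not self.check_password(name, password):
            raise AuthError("bad credentials")
        tok = secrets.token_urlsafe(32)
        self.sessions[tok] = name
        return tok


def change_password_unsafe(store: Store, request: dict) -> None:
    """Weak pattern: the 'user' field in the body selects whose password is
    replaced and no session is consulted, so anyone who can reach the
    endpoint can reset any account, including an administrator."""
    target = store.users[request["user"]]
    target.salt = secrets.token_bytes(16)
    target.pw_hash = _hash_password(request["new_password"], target.salt)


def change_password_safe(store: Store, request: dict) -> None:
    """Hardened pattern: identity comes from a valid session, a user must
    present the current password to change their own, only an admin may
    change someone else's, and the target's sessions are invalidated."""
    caller = store.sessions.get(request.get("session", ""))
    if caller is None:
        raise AuthError("no valid session")
    target_name = request.get("user", caller)
    if target_name != caller and store.users[caller].role != "admin":
        raise AuthError("not permitted to change another user's password")
    if target_name == caller and not store.check_password(
        caller, request.get("current_password", "")
    ):
        raise AuthError("current password mismatch")
    target = store.users[target_name]
    target.salt = secrets.token_bytes(16)
    target.pw_hash = _hash_password(request["new_password"], target.salt)
    store.sessions = {t: n for t, n in store.sessions.items() if n != target_name}


def demo() -> dict:
    """Run both handlers against constructed requests and report outcomes."""
    store = Store()
    store.add_user("admin", "admin", "correct horse")
    store.add_user("viewer", "readonly", "viewer-pass")
    results = {}
    # An unauthenticated request resets the admin password under the weak handler
    change_password_unsafe(store, {"user": "admin", "new_password": "owned"})
    results["unsafe_admin_reset"] = store.check_password("admin", "owned")
    # The same request is rejected by the hardened handler
    try:
        change_password_safe(store, {"user": "admin", "new_password": "again"})
        results["safe_unauth_rejected"] = False
    except AuthError:
        results["safe_unauth_rejected"] = True
    # A logged-in non-admin cannot change the admin password either
    tok = store.login("viewer", "viewer-pass")
    try:
        change_password_safe(store, {"session": tok, "user": "admin", "new_password": "x"})
        results["safe_viewer_escalation_rejected"] = False
    except AuthError:
        results["safe_viewer_escalation_rejected"] = True
    # The viewer can change their own password when presenting the current one
    change_password_safe(
        store, {"session": tok, "current_password": "viewer-pass", "new_password": "new-viewer"}
    )
    results["safe_self_change"] = store.check_password("viewer", "new-viewer")
    return results
```

The point of the hardened handler is that the account being modified is derived from, or authorized against, the session rather than taken from the request body; re-checking the current password and dropping the target's sessions are the two supporting controls that make a stolen token or a forged request insufficient on their own.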

Security researcher “jyh” has been credited with discovering and reporting the vulnerability. The shortcoming affects the following products regardless of the device configuration:

  • 5000 Series Enterprise Network Compute Systems (ENCS) – Fixed in 4.15.5
  • Catalyst 8300 Series Edge uCPE – Fixed in 4.18.3
  • UCS C-Series M5 and M6 Rack Servers in standalone mode – Fixed in 4.3(2.260007), 4.3(6.260017), and 6.0(1.250174)
  • UCS E-Series Servers M3 – Fixed in 3.2.17
  • UCS E-Series Servers M6 – Fixed in 4.15.3

Another critical vulnerability patched by Cisco affects Smart Software Manager On-Prem (SSM On-Prem), which could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability, CVE-2026-20160 (CVSS score: 9.8), stems from an unintentional exposure of an internal service.

“An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service,” Cisco said. “A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.”

Patches for the flaw have been released in Cisco SSM On-Prem version 9-202601. Cisco said the vulnerability was discovered internally during the resolution of a Cisco Technical Assistance Center (TAC) support case.
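An unintentionally exposed internal service is a posture problem a defender can check for independently of any vendor advisory: compare what is actually listening on a host with an inventory of services that are supposed to be reachable only on loopback. The script below is an added example, not Cisco code and not tied to SSM On-Prem; the `ss -H -ltn` sample output, the port-to-service policy and the service names are all constructed for the example.

```python
"""Flag listeners that should be loopback-only but are bound more widely.

Added example, not Cisco code. Parses output in the shape of
`ss -H -ltn` (no header) and compares each listening socket against a
constructed policy. Sample output and policy are constructed for the
example; the service names are hypothetical.
"""
import ipaddress

# Constructed sample in the format of `ss -H -ltn`
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128        127.0.0.1:5432       0.0.0.0:*
LISTEN 0      4096           0.0.0.0:8443       0.0.0.0:*
LISTEN 0      511            0.0.0.0:9100       0.0.0.0:*
LISTEN 0      128            0.0.0.0:8080       0.0.0.0:*
LISTEN 0      128            [::1]:6379           [::]:*
LISTEN 0      4096              [::]:7070           [::]:*
"""

# Constructed policy: port -> (service name, may listen beyond loopback?)
POLICY = {
    5432: ("database", False),
    6379: ("cache", False),
    7070: ("internal-api", False),  # must never be reachable from the network
    8443: ("web-ui", True),
    9100: ("metrics", False),
}


def parse_local_address(addr: str) -> tuple:
    """Split an ss 'Local Address:Port' field into (host, port).

    Handles bracketed IPv6 such as '[::1]:6379' and the wildcard '*'."""
    host, _, port = addr.rpartition(":")
    return host.strip("[]"), int(port)


def classify_bind(host: str) -> tuple:
    """Return (is_loopback, is_wildcard) for the bind address string."""
    if host == "*":
        return False, True
    ip = ipaddress.ip_address(host)
    return ip.is_loopback, ip.is_unspecified


def find_exposed_services(ss_output: str, policy: dict) -> list:
    """Return listeners bound outside loopback that the policy does not
    permit there. Ports absent from the policy are reported as unknown,
    since an uninventoried listener is exactly what an accidental
    exposure looks like."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, port = parse_local_address(fields[3])
        loopback, wildcard = classify_bind(host)
        name, allowed_external = policy.get(port, ("unknown", False))
        if not loopback and not allowed_external:
            findings.append(
                {"port": port, "service": name, "bind": host, "wildcard": wildcard}
            )
    return findings


if __name__ == "__main__":
    for f in find_exposed_services(SAMPLE_SS_OUTPUT, POLICY):
        print(f"port {f['port']} ({f['service']}) bound to {f['bind']}")
```

Run against real `ss -H -ltn` output the same logic applies unchanged; the policy is the part that has to come from the deployment's own inventory, and an "unknown" finding is the case worth investigating first.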

While neither of the vulnerabilities has been exploited in the wild, a number of recently disclosed security flaws in Cisco products have been weaponized by threat actors. In the absence of a workaround, customers are recommended to update to the fixed version for optimal protection.
