Cisco has launched updates to deal with a medium-severity security flaw in Id Providers Engine (ISE) and ISE Passive Id Connector (ISE-PIC) with a public proof-of-concept (PoC) exploit.
The vulnerability, tracked as CVE-2026-20029 (CVSS rating: 4.9), resides within the licensing characteristic and will enable an authenticated, distant attacker with administrative privileges to achieve entry to delicate data.
“This vulnerability is because of improper parsing of XML that’s processed by the web-based administration interface of Cisco ISE and Cisco ISE-PIC,” Cisco stated in a Wednesday advisory. “An attacker may exploit this vulnerability by importing a malicious file to the appliance.”
Profitable exploitation of the shortcoming may enable an attacker with legitimate administrative credentials to learn arbitrary information from the underlying working system, which the corporate stated ought to be off-limits even to directors.
Bobby Gould of Development Micro Zero Day Initiative has been credited with discovering and reporting the flaw. It impacts the next variations –
- Cisco ISE or ISE-PIC Launch sooner than 3.2 – Migrate to a hard and fast launch
- Cisco ISE or ISE-PIC Launch 3.2 – 3.2 Patch 8
- Cisco ISE or ISE-PIC Launch 3.3 – 3.3 Patch 8
- Cisco ISE or ISE-PIC Launch 3.4 – 3.4 Patch 4
- Cisco ISE or ISE-PIC Launch 3.5 – Not weak
Cisco stated there are not any workarounds to deal with the flaw, including it is conscious of the provision of a PoC exploit code. There are not any indications that it has been exploited within the wild.
In tandem, the networking gear firm additionally shipped fixes for 2 different medium-severity bugs stemming from the processing of Distributed Computing Setting Distant Process Name (DCE/RPC) requests that might enable an unauthenticated, distant attacker to trigger the Snort 3 Detection Engine to leak delicate data or to restart, impacting availability.
Development Micro researcher Man Lederfein has acknowledged for reporting the issues. The main points of the problems are as follows –
- CVE-2026-20026 (CVSS rating: 5.8) – Snort 3 DCE/RPC denial-of-service vulnerability
- CVE-2026-20027 (CVSS rating: 5.3) – Snort 3 DCE/RPC data disclosure vulnerability
They have an effect on a lot of Cisco merchandise –
- Cisco Safe Firewall Menace Protection (FTD) Software program, if Snort 3 was configured
- Cisco IOS XE Software program
- Cisco Meraki software program
With vulnerabilities in Cisco merchandise regularly focused by dangerous actors, it is essential that customers replace to the newest model for sufficient safety.
