中文 EN
Login Register
C
Cisco 2026-04-15
Security Vulnerability Impact: Major Strength: High

Cisco ISE Critical: Multiple CVSS 9.9 Vulnerabilities Patched

Summary

Cisco issued urgent security advisory for multiple critical vulnerabilities in ISE and ISE-PIC. CVE-2026-20147 (CVSS 9.9) allows authenticated remote attackers to execute arbitrary commands and escalate to root. CVE-2026-20148 (CVSS 4.9) is a path traversal vulnerability. CVE-2026-20180/20186 also CVSS 9.9 RCE requiring only read-only admin credentials. No workarounds available - immediate patching required.

Key Takeaways

Patch versions: ISE 3.1 Patch 11 / 3.2 Patch 10 / 3.3 Patch 11 / 3.4 Patch 6 / 3.5 Patch 3. Discovered by Jonathan Lein of TrendAI Research. Cisco PSIRT confirms no public disclosure or active exploitation. Key point: Valid admin credentials required, but read-only admin sufficient for CVE-2026-20180/20186 - credential leak amplifies impact.

Why It Matters

Largest Cisco enterprise security patch in recent months, covering core identity management product line. CVSS 9.9 RCE means attackers with admin credentials can fully compromise ISE nodes, potentially paralyzing entire network access. Single-node exploitation triggers DoS, blocking unauthenticated endpoints. Webex SSO flaw (CVE-2026-20184, CVSS 9.8) allows unauthenticated impersonation of any user....

Sign up to view full strategic analysis

Sign Up Free

PRO Decision

🔒

Decision recommendations are available for Pro users

Upgrade to Pro $29/mo
Source: Cisco Security Advisory / CSA Singapore
View Original →