Cisco has rolled out critical security updates to fix two high-severity vulnerabilities affecting its Integrated Management Controller (IMC) and Smart Software Manager On-Prem (SSM On-Prem). Notably, both flaws carry a CVSS score of 9.8, making them extremely dangerous if left unpatched.

The first vulnerability, identified as CVE-2026-20093, affects Cisco’s IMC platform. If exploited successfully, it could allow an unauthenticated remote attacker to bypass authentication controls and gain elevated system access, leading to full system compromise without valid credentials.

Cisco explained the root cause in an advisory released Wednesday. “This vulnerability is due to incorrect handling of password change requests,” the advisory states. “An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device.”

Furthermore, the company emphasized the severity of the issue, adding, “A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user.”

Security researcher jyh discovered and responsibly reported the flaw. Importantly, the vulnerability affects multiple Cisco products regardless of their configuration. These include Enterprise Network Compute Systems (ENCS) 5000 Series, Catalyst 8300 Series Edge uCPE, UCS C-Series M5 and M6 Rack Servers, and UCS E-Series Servers (M3 and M6). Cisco has already released patches across various firmware versions to mitigate the risk.

In addition to the IMC issue, Cisco also addressed another critical vulnerability in its SSM On-Prem solution, tracked as CVE-2026-20160. This flaw arises from unintended exposure of an internal service, which attackers could exploit remotely.

Cisco described the exploitation path in its advisory. “An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service,” the company said. “A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.”

The company released fixes for this issue in SSM On-Prem version 9-202601. Cisco discovered this vulnerability internally while resolving a Technical Assistance Center (TAC) support case, highlighting the value of continuous internal security assessments.

Although there is currently no evidence that threat actors have exploited these vulnerabilities in the wild, the situation remains concerning. In recent months, attackers have actively weaponized several Cisco-related flaws, increasing the urgency for organizations to act swiftly.

Therefore, Cisco strongly recommends that customers immediately upgrade to the patched versions. Since no workaround exists for these vulnerabilities, applying the official fixes remains the only effective defense against potential attacks.
