Vulnerabilities | Apr 2, 2026

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco patches critical 9.8 CVSS flaws in IMC and SSM allowing unauthenticated remote system compromise.

Summary

Cisco released security patches addressing two critical vulnerabilities, each with a CVSS score of 9.8. CVE-2026-20093 affects the Integrated Management Controller (IMC) in multiple Cisco products and allows unauthenticated remote attackers to bypass authentication and alter any user's password, including the Admin user's, through crafted HTTP requests. CVE-2026-20160 in Smart Software Manager On-Prem enables unauthenticated remote command execution with root privileges via an unintentionally exposed internal service API.

Full text

By Ravie Lakshmanan | Apr 02, 2026 | Network Security / Vulnerability

Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0.

"This vulnerability is due to incorrect handling of password change requests," Cisco said in an advisory released Wednesday. "An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device."

"A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user."

Security researcher "jyh" has been credited with discovering and reporting the vulnerability.

The shortcoming affects the following products regardless of the device configuration:

  • 5000 Series Enterprise Network Compute Systems (ENCS): fixed in 4.15.5
  • Catalyst 8300 Series Edge uCPE: fixed in 4.18.3
  • UCS C-Series M5 and M6 Rack Servers in standalone mode: fixed in 4.3(2.260007), 4.3(6.260017), and 6.0(1.250174)
  • UCS E-Series Servers M3: fixed in 3.2.17
  • UCS E-Series Servers M6: fixed in 4.15.3

Another critical vulnerability patched by Cisco impacts Smart Software Manager On-Prem (SSM On-Prem) and could enable an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability, CVE-2026-20160 (CVSS score: 9.8), stems from the unintentional exposure of an internal service.

"An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service," Cisco said. "A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges."

Patches for the flaw have been released in Cisco SSM On-Prem version 9-202601. Cisco said the vulnerability was discovered internally during the resolution of a Cisco Technical Assistance Center (TAC) support case.

While neither of the vulnerabilities has been exploited in the wild, a number of recently disclosed security flaws in Cisco products have been weaponized by threat actors. In the absence of a workaround, customers are recommended to update to the fixed versions for optimal protection.

Tags: cisco, cybersecurity, network security, privilege escalation, Threat Intelligence, Vulnerability
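Added example, not code from the article or from Cisco: a small Python checker that turns the fixed-release list above into a per-device assessment for a fleet inventory. The product-to-fixed-release mapping is taken from the article; everything else is this example's own assumption. It assumes a grammar for the three version formats that appear on the page (dotted IMC releases such as 4.15.5, UCS strings of the form major.minor(maintenance.build), and SSM On-Prem's 9-YYYYMM form) and a conservative "same release train" rule: a UCS build is declared fixed only when it is at or above a fixed release on its own train, and a train with no listed fix is reported as unknown rather than guessed at. The inventory at the bottom is constructed; Cisco's advisory remains the authoritative source for which release fixes which train.

```python
import re
from typing import NamedTuple, Sequence

# Fixed releases as listed in the article (from the Cisco advisory).
# The mapping below is the page's; the version grammar and the
# "same train" comparison rule are this example's assumptions.
FIXED_IMC = {
    "ENCS 5000": ("4.15.5",),
    "Catalyst 8300 uCPE": ("4.18.3",),
    "UCS C-Series M5/M6 standalone": ("4.3(2.260007)", "4.3(6.260017)", "6.0(1.250174)"),
    "UCS E-Series M3": ("3.2.17",),
    "UCS E-Series M6": ("4.15.3",),
}
FIXED_SSM_ON_PREM = "9-202601"

_UCS_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)\.(\d+)\)$")  # e.g. 4.3(2.260007)
_SSM_RE = re.compile(r"^(\d+)-(\d{6})$")                 # e.g. 9-202601
_DOTTED_RE = re.compile(r"^\d+(\.\d+)+$")                # e.g. 4.15.5


class Version(NamedTuple):
    train: tuple  # must match exactly between running and fixed release
    build: tuple  # compared numerically within a train


def parse_version(text: str) -> Version:
    """Split a version string into (train, build) under the assumed grammar."""
    text = text.strip()
    m = _UCS_RE.match(text)
    if m:
        major, minor, maint, build = (int(x) for x in m.groups())
        # Assumption: 4.3(2.x), 4.3(6.x) and 6.0(1.x) are separate trains.
        return Version(train=(major, minor, maint), build=(build,))
    m = _SSM_RE.match(text)
    if m:
        # Assumption: the leading digit is the train, the YYYYMM part the build.
        return Version(train=(int(m.group(1)),), build=(int(m.group(2)),))
    if _DOTTED_RE.match(text):
        # Assumption: plain dotted releases form one linear sequence, so the
        # whole tuple is comparable and the train is empty.
        return Version(train=(), build=tuple(int(x) for x in text.split(".")))
    raise ValueError(f"unrecognised version format: {text!r}")


def assess(running: str, fixed_releases: Sequence[str]) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown-train' for one device."""
    run = parse_version(running)
    same_train = [f for f in map(parse_version, fixed_releases) if f.train == run.train]
    if not same_train:
        # No listed fix on this train: do not guess, send it to the advisory.
        return "unknown-train"
    return "fixed" if any(run.build >= f.build for f in same_train) else "vulnerable"


def assess_imc(product: str, running: str) -> str:
    return assess(running, FIXED_IMC[product])


def assess_ssm_on_prem(running: str) -> str:
    return assess(running, (FIXED_SSM_ON_PREM,))


if __name__ == "__main__":
    # Constructed sample inventory; these are not real devices.
    inventory = [
        ("UCS C-Series M5/M6 standalone", "4.3(2.250001)"),
        ("UCS C-Series M5/M6 standalone", "4.3(6.260017)"),
        ("UCS C-Series M5/M6 standalone", "4.3(4.250010)"),
        ("ENCS 5000", "4.15.4"),
        ("Catalyst 8300 uCPE", "4.18.3"),
    ]
    for product, ver in inventory:
        print(f"{product:32} {ver:16} {assess_imc(product, ver)}")
    print(f"{'SSM On-Prem':32} {'9-202512':16} {assess_ssm_on_prem('9-202512')}")
```

Because the vulnerable surface is the IMC's HTTP interface, record alongside each version result whether that interface is reachable from untrusted networks; the article reports no workaround, so limiting exposure is a stopgap while the update is scheduled, not a substitute for it.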

Indicators of Compromise

  • cve — CVE-2026-20093
  • cve — CVE-2026-20160

Entities

  • Cisco (vendor)
  • Integrated Management Controller (IMC) (product)
  • Smart Software Manager On-Prem (SSM On-Prem) (product)
  • UCS C-Series Servers (product)
  • Catalyst 8300 Series (product)