Skip to main content

Cisco CVE-2026-20094

| EUVDEUVD-2026-17948 HIGH
Command Injection (CWE-77)
2026-04-01 cisco
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Apr 01, 2026 - 17:30 euvd
EUVD-2026-17948
Analysis Generated
Apr 01, 2026 - 17:30 vuln.today
CVE Published
Apr 01, 2026 - 16:28 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user.

This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user.

AnalysisAI

Command injection in Cisco Integrated Management Controller (IMC) web interface allows authenticated attackers with read-only privileges to execute arbitrary commands as root. The CVSS:3.1 vector (AV:N/AC:L/PR:L/UI:N) confirms network-accessible exploitation requiring only low-privilege authentication, with no public exploit identified at time of analysis. EPSS data not provided; CVE-2026 prefix suggests future disclosure.

Technical ContextAI

Cisco Integrated Management Controller (IMC) provides out-of-band management for Cisco UCS standalone servers and E-series infrastructure. This CWE-77 command injection vulnerability stems from improper input validation in the web-based management interface, allowing attackers to inject shell metacharacters or commands into parameters processed by the underlying operating system. The affected CPE strings identify Cisco Unified Computing System (Standalone) and UCS E-Series Software (UCSE) products. Command injection flaws typically occur when application code passes unsanitized user input directly to system shells via functions like exec(), system(), or popen(), enabling attackers to break out of intended command contexts and execute arbitrary code with the privileges of the web service-in this case, root-level access.

RemediationAI

Consult the official Cisco Security Advisory cisco-sa-cimc-cmd-inj-3hKN3bVt at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt for vendor-confirmed patched software versions and upgrade instructions. Patch availability and specific remediated versions are detailed in the advisory but not independently confirmed in provided intelligence data. As interim mitigations, restrict network access to the Cisco IMC web interface using firewall rules or VPNs to limit exposure to trusted management networks, implement strict role-based access controls to minimize accounts with even read-only privileges, and monitor authentication logs for unusual activity from low-privilege accounts accessing administrative functions. Organizations should prioritize upgrades for internet-facing or broadly accessible IMC instances.

Share

CVE-2026-20094 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy