Skip to main content

Cisco Umbrella Insights Virtual Appliance

1 CVEs product

Monthly

CVE-2026-20246 MEDIUM This Month

Privilege escalation in the Cisco Umbrella Virtual Appliance vmadmin CLI enables an authenticated local attacker holding vmadmin-level credentials to elevate access to root on the affected device. The flaw, classified as CWE-269 (Improper Privilege Management), arises because the vmadmin CLI does not adequately validate or restrict specific commands that can be leveraged as a privilege escalation path. No public exploit code has been identified and the CVE is not listed in the CISA KEV catalog at time of analysis; the CVSS 6.0 Medium score reflects the high-privilege prerequisite that meaningfully constrains the realistic attacker pool.

Cisco Privilege Escalation Cisco Umbrella Insights Virtual Appliance
NVD VulDB
CVSS 3.1
6.0
EPSS
0.1%
EPSS 0% CVSS 6.0
MEDIUM This Month

Privilege escalation in the Cisco Umbrella Virtual Appliance vmadmin CLI enables an authenticated local attacker holding vmadmin-level credentials to elevate access to root on the affected device. The flaw, classified as CWE-269 (Improper Privilege Management), arises because the vmadmin CLI does not adequately validate or restrict specific commands that can be leveraged as a privilege escalation path. No public exploit code has been identified and the CVE is not listed in the CISA KEV catalog at time of analysis; the CVSS 6.0 Medium score reflects the high-privilege prerequisite that meaningfully constrains the realistic attacker pool.

Cisco Privilege Escalation Cisco Umbrella Insights Virtual Appliance
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy