Skip to main content
ZDI-CAN-29207 HIGH 7.8 Overdue Feb 12, 2026

Cisco

Cisco, a major networking and cybersecurity equipment manufacturer, has a high-severity local privilege escalation vulnerability (CVSS 7.8) that requires an authenticated user with low privileges to execute, causing significant impact to confidentiality, integrity, and availability. The vulnerability cannot be exploited remotely and requires no user interaction once an attacker has local access to the system. Security teams should monitor for this advisory through June 12, 2026, when Cisco's patch deadline expires, and prioritize applying updates to affected Cisco products once available.

Advisory Details
Researcher Bobby Gould (@bobbygould5) of TrendAI Zero Day Initiative
Reported February 12, 2026
Deadline June 12, 2026 35d overdue
CVSS Vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy