Skip to content
July 13, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Data
    • CVE Watchtower
    • Top Exploited CVEs
    • CVE Stats by Vendor
    • Q2 2026 Report
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Vulnerability Report
  • Cisco Issues Urgent Patch for Critical IMC Auth Bypass: A CVSS 9.8 Wake-Up Call
  • Vulnerability Report

Cisco Issues Urgent Patch for Critical IMC Auth Bypass: A CVSS 9.8 Wake-Up Call

Do Son April 2, 2026 2 minutes read
0
Cisco IMC Vulnerability CVE-2026-20093 CVE-2024-20401 Cisco IOS XE Privilege Escalation
Add Daily CyberSecurity as a preferred source on Google

A newly discovered vulnerability has turned the Cisco Integrated Management Controller (IMC) into a potential backdoor. Tracked as CVE-2026-20093, this critical flaw carries a CVSS score of 9.8, signaling a severe threat that could grant attackers full administrative control over affected systems.

The vulnerability is particularly alarming because it doesn’t require a complex exploit chain or existing credentials—just a specifically designed request to a common administrative function.

The issue lies deep within the “change password” functionality of the Cisco IMC. Due to the “incorrect handling of password change requests,” a remote, unauthenticated attacker can effectively lock out legitimate users and take over their accounts.

By sending a “crafted HTTP request to an affected device,” an attacker can bypass standard security gates. According to the Cisco advisory: “A successful exploit could allow the attacker to bypass authentication, alter the passwords of any user on the system, including an Admin user, and gain access to the system as that user”.

Because the IMC is integrated into a wide variety of hardware, the list of vulnerable products is extensive. This vulnerability “affects the following Cisco products if they are running a vulnerable release of Cisco IMC, regardless of device configuration”:

  • Core Servers: 5000 Series Enterprise Network Compute Systems (ENCS), Catalyst 8300 Series Edge uCPE, and various UCS C-Series and E-Series servers.
  • Specialized Appliances: Dozens of Cisco appliances based on preconfigured UCS servers are at risk if their IMC UI is exposed. This includes everything from Nexus Dashboard and Catalyst Center to Secure Firewall Management Center and HyperFlex Nodes.

For some platforms, like the 5000 Series ENCS, upgrading the IMC requires a full upgrade of the Cisco Enterprise NFV Infrastructure Software (NFVIS).

Administrators are urged to check their specific hardware and migrate to fixed releases immediately:

  • UCS C-Series M6: Fixed in release 6.0(1.250174).
  • Catalyst 8300 Series Edge uCPE: Fixed in release 4.18.3 (slated for April 2026).
  • Specific Appliances: Many appliances require custom remediation steps, such as applying specific Hotfixes or using the Host Upgrade Utility (HUU)

While the technical severity is as high as it gets, Cisco has noted that their Product Security Incident Response Team (PSIRT) “is not aware of any public announcements or malicious use of the vulnerability” at this time.

Defenders are encouraged to restrict access to management interfaces to trusted networks only while they work through the firmware update process.

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.


We respect your inbox. Unsubscribe anytime.

Related coverage

  • CVE-2025-52691 (CVSS 10): Critical SmarterMail Flaw Opens Servers to Unauthenticated Attacks
  • Critical Sitefinity Vulnerabilities: CVSS 10.0 Security Alert
  • Dahua Product Vulnerabilities: Patch 3 Critical CVEs
  • CISA Sounds the Alarm: State-Sponsored Hackers Weaponize New Windows and ScreenConnect Flaws
  • CISA Warns: Critical Longwatch RCE Flaw (CVE-2025-13658, CVSS 9.8) Allows Unauthenticated SYSTEM Takeover of OT Surveillance
Track all actively exploited CVEs →

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: Account Takeover Authentication Bypass Catalyst cisco CVE-2026-20093 CVSS 9.8 firmware update IMC infosec Networking PSIRT UCS

Leave a Reply Cancel reply

You must be logged in to post a comment.

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-48939CVSS 10.0
    A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-56291CVSS 10.0
    The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-14453CVSS 9.6
    This vulnerability is a critical Server-Side Template Injection (SSTI) in Centreon's centreon-open-tickets...
  • CVE-2026-59518CVSS 9.8
    Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This...
  • CVE-2026-59515CVSS 9.3
    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
  • CVE-2026-57813CVSS 9.8
    Incorrect Privilege Assignment vulnerability in properfraction MailOptin mailoptin allows Privilege Escalation.This issue...
  • CVE-2026-57811CVSS 10.0
    Improper Control of Generation of Code ('Code Injection') vulnerability in Realtyna Realtyna...
  • CVE-2026-57770CVSS 9.8
    Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object...
  • CVE-2026-57744CVSS 9.8
    Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions...
  • CVE-2026-57739CVSS 9.3
    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
  • CVE-2026-57738CVSS 9.8
    Deserialization of Untrusted Data vulnerability in axiomthemes 777 triple-seven allows Object Injection.This...
  • CVE-2026-57726CVSS 9.3
    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Top Exploited CVEs
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • DCMA
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • CVE Watchtower
    • CVE Statistics by Vendor 2026
    • Q2 2026 Report
    • Top Exploited CVEs
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.