Cisco has issued an urgent security advisory following the discovery of high-stakes vulnerabilities in its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC) platforms. The most severe of the flaws, a Remote Code Execution (RCE) bug, has earned a CVSS score of 9.9, signaling a critical risk to enterprise network authentication.
The advisory warns that these “vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device”.
The centerpiece of this advisory is CVE-2026-20147, a critical RCE vulnerability stemming from “insufficient validation of user-supplied input”. While an attacker must already possess valid administrative credentials to launch an attack, the potential impact is devastating.
By sending a “crafted HTTP request to an affected device,” an attacker could gain a foothold in the underlying operating system. As the advisory notes, “a successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root”.
For organizations running single-node deployments, the stakes are even higher. In these environments, exploitation “could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition,” effectively locking out any endpoints attempting to authenticate to the network.
Alongside the RCE threat, Cisco identified a medium-severity path traversal vulnerability. This flaw, tracked as CVE-2026-20148, also relies on improper validation of user input and requires administrative access.
If exploited, “a successful exploit could allow the attacker to access sensitive files on the affected system”. While it lacks the system-wide destructive power of the RCE flaw, it provides a dangerous window into the server’s confidential data.
Cisco has been clear that there are no workarounds that address these vulnerabilities, meaning that applying official software updates is the only path to safety.
| Current Release | First Fixed Release |
| --- | --- |
| Earlier than 3.1 | Migrate to a fixed release |
| 3.1 | 3.1 Patch 11 (Apr 2026) |
| 3.2 | 3.2 Patch 10 (Apr 2026) |
| 3.3 | 3.3 Patch 11 (Apr 2026) |
| 3.4 | 3.4 Patch 6 (Apr 2026) |
| 3.5 | 3.5 Patch 3 |