Security Advisory

Cisco Product Security Update Advisory

  • Apr 07 2026
Cisco Product Security Update Advisory

overview

Cisco has released security updates that address vulnerabilities in Cisco products. users of affected products are encouraged to update to the latest version.

affected products

CVE-2026-20093

5000 Series ENCS Versions: 4.15 and earlier
Catalyst 8300 Series Edge uCPE Version: 4.16 and earlier
Catalyst 8300 Series Edge uCPE version: 4.18
UCS C-Series M5 Rack Server Version: 4.2 and earlier
UCS C-Series M5 Rack Server version: 4.3
UCS C-Series M6 Rack Server version: 4.2 and earlier
UCS C-Series M6 Rack Server version: 4.3
UCS C-Series M6 Rack Server version: 6.0
UCS E-Series M3 Version: 3.2 and earlier
UCS E-Series M6 Version: 4.15 and earlier

CVE-2026-20160

Cisco SSM On-Prem Version: 9-202502 or later and 9-202510 or earlier

resolved Vulnerabilities

Authentication bypass vulnerability in Cisco Integrated Management Controller (CVE-2026-20093)
Arbitrary command execution vulnerability in Cisco Smart Software Manager (CVE-2026-20160)

vulnerability patches

Vulnerability patches have been made available in the latest update. please follow the instructions on the reference site to update to the latest version of the vulnerability patch.

CVE-2026-20093

5000 Series ENCS version: 4.15.5
Catalyst 8300 Series Edge uCPE version: Migrate to a fixed release
Catalyst 8300 Series Edge uCPE Version: 4.18.3
UCS C-Series M5 Rack Server version: Migrate to a revised release
UCS C-Series M5 Rack Server version: 4.3 (2.260007)
UCS C-Series M6 Rack Server Versions: Migrating to Revised Releases
UCS C-Series M6 Rack Server version: 4.3 (6.260017)
UCS C-Series M6 Rack Server version: 6.0 (1.250174)
UCS E-Series M3 version: 3.2.17
UCS E-Series M6 version: 4.15.3

CVE-2026-20160

Cisco SSM On-Prem Version: 9-202601

references

[1] Cisco Integrated Management Controller Authentication Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-by..
[2] Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-cli-exec..

Tags:
Previous Post

Next Post