CISCO ISE Security Vulnerability Patched Post Public PoC Exploit Release


The vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), resides in the licensing feature and could allow an authenticated, remote attacker with administrator rights to access sensitive information.
In a Wednesday advisory, Cisco stated that the vulnerability results from improper parsing of XML that is processed by the web-based administration interface of Cisco ISE and Cisco ISE-PIC. “An adversary might take advantage of this vulnerability by uploading a malicious file to the application.”

If the vulnerability is successfully exploited, an attacker with legitimate administrative credentials may be able to read any file from the underlying operating system, including files that Cisco said should be inaccessible even to administrators.

The issue was found and reported by Bobby Gould of Trend Micro Zero Day Initiative. The following versions are impacted, each listed with its fixed release:

  • Cisco ISE or ISE-PIC Release earlier than 3.2 – Migrate to a fixed release
  • Cisco ISE or ISE-PIC Release 3.2 – 3.2 Patch 8
  • Cisco ISE or ISE-PIC Release 3.3 – 3.3 Patch 8
  • Cisco ISE or ISE-PIC Release 3.4 – 3.4 Patch 4
  • Cisco ISE or ISE-PIC Release 3.5 – Not vulnerable
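
To apply the list above to an inventory, the following added example (not Cisco's code and not part of the original article) classifies version strings against the fixed releases. The inventory format `<release> [Patch <n>]`, the host names and the status labels are assumptions made for illustration.

```python
import re

# First fixed patch per release train, taken from the list above.
FIRST_FIXED_PATCH = {(3, 2): 8, (3, 3): 8, (3, 4): 4}
NOT_VULNERABLE = {(3, 5)}

# Assumed inventory format: "<major>.<minor>[.<build>...] [Patch <n>]"
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)(?:\.\d+)*(?:\s+patch\s+(\d+))?\s*$", re.IGNORECASE
)


def triage(version):
    """Return a status label for one ISE / ISE-PIC version string."""
    m = _VERSION_RE.match(version)
    if not m:
        return "unparsed"            # needs a manual look
    train = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)     # no "Patch n" suffix means patch 0
    if train in NOT_VULNERABLE:
        return "not-vulnerable"
    if train < (3, 2):
        return "migrate"             # no patch for this train; move to a fixed release
    if train in FIRST_FIXED_PATCH:
        return "fixed" if patch >= FIRST_FIXED_PATCH[train] else "patch-needed"
    return "unknown"                 # release not covered by the list


def triage_inventory(inventory):
    """Map host -> (status, target); target is the patch to install, if any."""
    report = {}
    for host, version in inventory.items():
        status = triage(version)
        target = None
        if status == "patch-needed":
            m = _VERSION_RE.match(version)
            train = (int(m.group(1)), int(m.group(2)))
            target = "%d.%d Patch %d" % (train[0], train[1], FIRST_FIXED_PATCH[train])
        report[host] = (status, target)
    return report


# Constructed sample inventory (host names and versions are made up).
SAMPLE_INVENTORY = {
    "ise-pan-01": "3.2 Patch 5",
    "ise-psn-02": "3.3 Patch 8",
    "ise-psn-03": "3.4",
    "ise-lab-04": "3.1 Patch 10",
    "ise-new-05": "3.5",
}

if __name__ == "__main__":
    for host, (status, target) in triage_inventory(SAMPLE_INVENTORY).items():
        print(host, status, target or "-")
```

Anything reported as `unparsed` or `unknown` falls outside the list and should be checked against the advisory by hand.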

Cisco stated that it is aware that proof-of-concept (PoC) exploit code exists and that there are no workarounds that address the vulnerability. There are no signs that it has been abused in the wild.

Simultaneously, the networking equipment company released fixes for two additional medium-severity bugs related to the handling of Distributed Computing Environment Remote Procedure Call (DCE/RPC) requests. These bugs could allow a remote, unauthenticated attacker to cause the Snort 3 Detection Engine to restart, affecting availability, or leak sensitive data.

Guy Lederfein, a Trend Micro researcher, has been credited with identifying the defects. The following are the specifics of the problems:

  • CVE-2026-20026 (CVSS score: 5.8) – Snort 3 DCE/RPC denial-of-service vulnerability
  • CVE-2026-20027 (CVSS score: 5.3) – Snort 3 DCE/RPC information disclosure vulnerability

They affect several Cisco products:

  • Cisco Secure Firewall Threat Defense (FTD) Software, if Snort 3 is configured
  • Cisco IOS XE Software
  • Cisco Meraki software

Because malicious actors frequently target vulnerabilities in Cisco products, customers should update to the most recent version to stay protected.

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blogs, he also writes for brands including Craw Security, Bytecode Security, and NASSCOM.
