Cisco released patches for two critical and six high-severity vulnerabilities that could allow attackers to bypass authentication, run code, escalate privileges, and access sensitive data. One of the critical flaws, CVE-2026-20093 (CVSS score 9.8), affects Cisco IMC and could let a remote attacker bypass authentication via a crafted HTTP request, potentially allowing them to change user passwords, including admin, and gain full system access.
Another critical issue, CVE-2026-20160, affects SSM On-Prem and could enable unauthenticated attackers to run commands on the host OS with root privileges through a crafted API request, also rated 9.8. In March, Cisco fixed a critical RCE zero-day, CVE-2026-20131, in Secure Firewall FMC, which Interlock ransomware reportedly exploited, and US CISA added the flaw to its Known Exploited Vulnerabilities catalog. Cisco’s PSIRT says there are no known exploits or PoCs at present, and it strongly advises customers to update to the patched software.