ThreatCluster

Cisco ISE Vulnerabilities CVE-2026-20186 and CVE-2026-20180 Disclosed

First seen 16 Apr 2026, 12:16 UTC nvd.nist.gov 97% similarity 74

Article Content

Browse articles
ThreatCluster

Two critical vulnerabilities, CVE-2026-20186 and CVE-2026-20180, have been published for Cisco Identity Services Engine (ISE) on April 15, 2026. Both vulnerabilities allow authenticated remote attackers with Read Only Admin credentials to execute arbitrary commands on the underlying operating system. The vulnerabilities stem from insufficient validation of user-supplied input and can be exploited via crafted HTTP requests. Successful exploitation could lead to user-level access, privilege escalation to root, and potential denial of service (DoS) in single-node ISE deployments. Affected systems may become unavailable, preventing unauthenticated endpoints from accessing the network until restored. Organizations using Cisco ISE should assess their systems for these vulnerabilities and apply necessary mitigations. The current status indicates that these vulnerabilities are newly disclosed and require immediate attention.

Key Points: • CVE-2026-20186 and CVE-2026-20180 affect Cisco Identity Services Engine. • Exploitation requires Read Only Admin credentials and can lead to root access. • Successful attacks may cause denial of service in single-node deployments.

ThreatCluster AI

Timeline

2026-04-15
CVE-2026-20186 and CVE-2026-20180 published
2026-04-16
Cisco ISE vulnerabilities reported in cybersecurity news

Community

Browse all →