Jan 08, 2026Ravie LakshmananNetwork Safety / Vulnerability
Cisco has launched updates to deal with a medium-severity safety flaw in Identification Providers Engine (ISE) and ISE Passive Identification Connector (ISE-PIC) with a public proof-of-concept (PoC) exploit.
The vulnerability, tracked as CVE-2026-20029 (CVSS rating: 4.9), resides within the licensing characteristic and will permit an authenticated, distant attacker with administrative privileges to realize entry to delicate data.
“This vulnerability is because of improper parsing of XML that’s processed by the web-based administration interface of Cisco ISE and Cisco ISE-PIC,” Cisco mentioned in a Wednesday advisory. “An attacker might exploit this vulnerability by importing a malicious file to the appliance.”
Profitable exploitation of the shortcoming might permit an attacker with legitimate administrative credentials to learn arbitrary recordsdata from the underlying working system, which the corporate mentioned ought to be off-limits even to directors.
Bobby Gould of Development Micro Zero Day Initiative has been credited with discovering and reporting the flaw. It impacts the next variations –
Cisco ISE or ISE-PIC Launch sooner than 3.2 – Migrate to a hard and fast launch
Cisco ISE or ISE-PIC Launch 3.2 – 3.2 Patch 8
Cisco ISE or ISE-PIC Launch 3.3 – 3.3 Patch 8
Cisco ISE or ISE-PIC Launch 3.4 – 3.4 Patch 4
Cisco ISE or ISE-PIC Launch 3.5 – Not weak
Cisco mentioned there aren’t any workarounds to deal with the flaw, including it is conscious of the provision of a PoC exploit code. There aren’t any indications that it has been exploited within the wild.
In tandem, the networking gear firm additionally shipped fixes for 2 different medium-severity bugs stemming from the processing of Distributed Computing Setting Distant Process Name (DCE/RPC) requests that would permit an unauthenticated, distant attacker to trigger the Snort 3 Detection Engine to leak delicate data or to restart, impacting availability.
Development Micro researcher Man Lederfein has acknowledged for reporting the failings. The small print of the problems are as follows –
CVE-2026-20026 (CVSS rating: 5.8) – Snort 3 DCE/RPC denial-of-service vulnerability
CVE-2026-20027 (CVSS rating: 5.3) – Snort 3 DCE/RPC data disclosure vulnerability
They have an effect on quite a few Cisco merchandise –
Cisco Safe Firewall Menace Protection (FTD) Software program, if Snort 3 was configured
Cisco IOS XE Software program
Cisco Meraki software program
With vulnerabilities in Cisco merchandise continuously focused by dangerous actors, it is essential that customers replace to the most recent model for satisfactory safety.
