Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Published: 16 April 2026 at 11:27:00

Alert date: 16 April 2026 at 12:01:34

Source: thehackernews.com

Network Infrastructure, Identity & Access, Enterprise Applications

Cisco has released patches for four critical security vulnerabilities affecting Identity Services and Webex Services that could enable arbitrary code execution and allow attackers to impersonate any user within the service. The flaws include CVE-2026-20184 with a CVSS score of 9.8, which involves improper certificate validation in single sign-on (SSO) integration. These vulnerabilities pose significant security risks to organizations using Cisco's identity and collaboration services.

Technical details

Four critical vulnerabilities affect Cisco Identity Services and Webex Services. CVE-2026-20184 involves improper certificate validation in SSO integration, allowing user impersonation. CVE-2026-20147 involves insufficient validation of user input in ISE/ISE-PIC, enabling RCE with admin credentials. CVE-2026-20180 and CVE-2026-20186 are multiple input validation flaws in ISE that allow arbitrary command execution with read-only admin credentials. Successful exploitation can lead to escalation from user-level access to root privileges and to potential DoS conditions in single-node ISE deployments.

Mitigation steps:

Update Cisco ISE instances to the latest patched versions as specified for each CVE. For CVE-2026-20184 (Webex), no customer action is required because the service is cloud-based, but customers using SSO should upload a new identity provider (IdP) SAML certificate to Control Hub. Apply the appropriate patches: ISE 3.1 Patch 11, ISE 3.2 Patch 10/8, ISE 3.3 Patch 11/8, ISE 3.4 Patch 6/4, ISE 3.5 Patch 3, or migrate to fixed releases for older versions.

Affected products:

Cisco Webex Services
Cisco Identity Services Engine (ISE)
Cisco ISE Passive Identity Connector (ISE-PIC)
Cisco ISE Release 3.1 (requires 3.1 Patch 11)
Cisco ISE Release 3.2 (requires 3.2 Patch 10 for CVE-2026-20147, 3.2 Patch 8 for others)
Cisco ISE Release 3.3 (requires 3.3 Patch 11 for CVE-2026-20147, 3.3 Patch 8 for others)
Cisco ISE Release 3.4 (requires 3.4 Patch 6 for CVE-2026-20147, 3.4 Patch 4 for others)
Cisco ISE Release 3.5 (requires 3.5 Patch 3 for CVE-2026-20147)
Cisco ISE Release earlier than 3.1 (migrate to fixed release)
Cisco ISE Release earlier than 3.2 (migrate to fixed release)
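
The per-release patch levels listed above, applied to a node inventory. This is an added example, not part of the original advisory or any Cisco tooling; the function names and the inventory are constructed. Release 3.1 is read literally as Patch 11 for every ISE CVE, and where the page states no level the result says so instead of guessing.

```python
# Added example: patch floors transcribed from this page, not from Cisco tooling.
CVE_A = "CVE-2026-20147"
CVE_B = "CVE-2026-20180/CVE-2026-20186"   # the page's "others"

# release -> (minimum patch for CVE_A, minimum patch for CVE_B)
# None means the page states no patch level for that pair.
REQUIRED = {
    (3, 1): (11, 11),   # page gives one level for 3.1 with no per-CVE split
    (3, 2): (10, 8),
    (3, 3): (11, 8),
    (3, 4): (6, 4),
    (3, 5): (3, None),
}

def assess(version, patch):
    """Map each CVE group to a status for one node, e.g. version='3.2.0', patch=8."""
    try:
        major, minor = (int(p) for p in version.split(".")[:2])
    except ValueError:
        raise ValueError(f"unparseable ISE version: {version!r}") from None
    release = (major, minor)
    if release < (3, 1):
        return {CVE_A: "migrate to fixed release", CVE_B: "migrate to fixed release"}
    if release not in REQUIRED:
        return {CVE_A: "release not listed", CVE_B: "release not listed"}
    status = {}
    for cve, floor in zip((CVE_A, CVE_B), REQUIRED[release]):
        if floor is None:
            status[cve] = "no patch level stated"
        elif patch >= floor:
            status[cve] = "patched"
        else:
            status[cve] = f"needs Patch {floor}"
    return status

def outstanding(inventory):
    """Return (host, cve, status) for every finding that is not 'patched'."""
    return [(host, cve, st)
            for host, version, patch in inventory
            for cve, st in assess(version, patch).items()
            if st != "patched"]

# Constructed inventory: hostnames, versions and patch numbers are made up.
INVENTORY = [
    ("ise-pan-01", "3.2.0", 8),    # meets the lower floor only
    ("ise-psn-02", "3.4.0", 6),
    ("ise-lab-03", "3.0.0", 9),
]

if __name__ == "__main__":
    for row in outstanding(INVENTORY):
        print(*row, sep="\t")
```

The first inventory row shows the case the "Patch 10/8" shorthand hides: a 3.2 node on Patch 8 is covered for CVE-2026-20180 and CVE-2026-20186 but still open to CVE-2026-20147.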

This article was created with the assistance of AI technology by Perceptive.
