{"uuid": "51aac75d-2f80-46e2-91bf-642a43da8d65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20181", "type": "seen", "source": "https://infosec.exchange/users/beyondmachines1/statuses/116775956143459982", "content": "Cisco Patches Critical Root RCE and Credential Theft Flaws in ISE\nCisco patched a critical root RCE vulnerability (CVE-2026-20181) and a high-severity information disclosure flaw (CVE-2026-20190) in its Identity Services Engine. These vulnerabilities allow authenticated root access or theft of hashed credentials.\n**Make sure your Cisco ISE and ISE-PIC systems are isolated from the internet and reachable only from trusted management networks. Apply the latest patches immediately (ISE 3.3 Patch 11, 3.4 Patch 6, or 3.5 Patch 3) and for the 3.5 command-execution fix, request the hotfix from Cisco TAC now. Don't wait for Patch 4 in August 2026.**#cybersecurity #infosec #advisory #vulnerabilityhttps://beyondmachines.net/event_details/cisco-patches-critical-root-rce-and-credential-theft-flaws-in-ise-o-v-f-q-7/gD2P6Ple2L", "creation_timestamp": "2026-06-19T13:19:12.903152Z"}