Critical Cisco IMC auth bypass gives attackers Admin access
Key Points:
- Cisco has released security updates addressing critical vulnerabilities, including a Cisco Integrated Management Controller (IMC) authentication bypass (CVE-2026-20093) that allows unauthenticated attackers to gain Admin access by exploiting the password change functionality.
- The IMC vulnerability can be exploited remotely via crafted HTTP requests to bypass authentication, change any user's password, and gain full system access. No workarounds are available, so Cisco strongly advises patching immediately.
- Additional patches were issued for a critical Smart Software Manager On-Prem (SSM On-Prem) vulnerability (CVE-2026-20160) that enables remote code execution with root privileges through the service's API.
- Earlier this month, Cisco fixed a maximum-severity remote code execution flaw (CVE-2026-20131) in the Secure Firewall Management Center that was exploited by the Interlock ransomware gang; CISA has ordered federal agencies to secure affected systems within three days.