- 92/2026
- Critical
Cisco has released security updates to address several vulnerabilities affecting multiple Cisco products.
The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, gain elevated privileges, manipulate data, conduct cross-site scripting attacks, execute arbitrary commands, and gain access to the affected products.
Sample of addressed vulnerabilities:
1. Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerability (CVE-2026-20147):
- CVSS: 9.9
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Access
2. Cisco Unity Connection Arbitrary File Download Vulnerability (CVE-2026-20078):
- CVSS: 6.5
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Obtain Information
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.