Cisco Security Updates – 21 June 2026

Cisco has released security updates to address several vulnerabilities affecting multiple Cisco products.

The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, perform denial of service attacks, or executemarbitrary commands on the affected system.

Sample of the addressed vulnerabilities:

1. Cisco Identity Services Engine Remote Code Execution Vulnerability (CVE-2026-20181):

  • CVSS: 9.1
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Consequences: Denial of Service

2. Cisco Identity Services Information Disclosure Vulnerability (CVE-2026- 20190):

  • CVSS: 7.5
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Consequences: Obtain Information

The affected products:

  • Cisco Identity Services Engine.
  • Cisco Crosswork Network Controller.
  • Cisco Umbrella Virtual Appliance.
  • Cisco Webex App.
Vulnerabilities
  • CVE-2026-20220
  • CVE-2026-20246
  • CVE-2026-20190
  • CVE-2026-20181
  • CVE-2026-20178
Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Cisco Security Updates

References