Warning: Critical Authentication Bypass Vulnerability in Cisco Integrated Management Controller, Patch Immediately!

Published: 03/04/2026

Last update: 03/04/2026

Affected software:

  • Cisco 5000 Series ENCS: Cisco NFVIS < 4.15
  • Cisco Catalyst 8300 Series Edge uCPE: Cisco NFVIS < 4.16 and Cisco NFVIS 4.18
  • UCS C-Series M5 Rack Server: Cisco IMC Release < 4.2 and Cisco IMC Release 4.3
  • UCS C-Series M6 Rack Server: Cisco IMC Release < 4.2 and Cisco IMC Release 4.3 and Cisco IMC Release 6.0
  • UCS E-Series M3: Cisco IMC Release < 3.2
  • UCS E-Series M6: Cisco IMC Release < 4.15
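To turn the affected-version list above into a check over a firmware inventory, the following is an added example (not from the advisory, the CCB or Cisco). The product labels, the sample hosts and the reading of a bare release such as "4.3" as the whole 4.3 release train are assumptions; the numeric comparison also matters because a plain string comparison would rank "4.15" below "4.2".

```python
"""Check a firmware inventory against the affected ranges of CVE-2026-20093."""
import re

# Affected ranges transcribed from the advisory. Each entry is a list of
# (kind, version): "lt" = every release below that version, "train" = every
# release in that train (assumption: "Cisco IMC Release 4.3" means all 4.3.x).
AFFECTED = {
    "Cisco 5000 Series ENCS (NFVIS)": [("lt", "4.15")],
    "Catalyst 8300 Edge uCPE (NFVIS)": [("lt", "4.16"), ("train", "4.18")],
    "UCS C-Series M5 (IMC)": [("lt", "4.2"), ("train", "4.3")],
    "UCS C-Series M6 (IMC)": [("lt", "4.2"), ("train", "4.3"), ("train", "6.0")],
    "UCS E-Series M3 (IMC)": [("lt", "3.2")],
    "UCS E-Series M6 (IMC)": [("lt", "4.15")],
}


def parse_version(v):
    """Turn '4.2(3b)' or '4.15.1' into a tuple of ints for numeric comparison.
    Letter suffixes are ignored; string comparison would be wrong ('4.15' < '4.2')."""
    nums = re.findall(r"\d+", v)
    if not nums:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(n) for n in nums)


def is_affected(product, version):
    """True if the given firmware version falls inside an affected range."""
    ver = parse_version(version)
    for kind, bound in AFFECTED[product]:
        b = parse_version(bound)
        if kind == "lt" and ver < b:
            return True
        if kind == "train" and ver[:len(b)] == b:
            return True
    return False


def check_inventory(inventory):
    """inventory: list of (hostname, product, version). Returns hosts needing a patch."""
    return [host for host, product, version in inventory if is_affected(product, version)]


# Constructed sample inventory; hostnames and versions are made up for illustration.
SAMPLE = [
    ("cimc-01", "UCS C-Series M5 (IMC)", "4.1(3d)"),
    ("cimc-02", "UCS C-Series M5 (IMC)", "4.2(2a)"),
    ("cimc-03", "UCS C-Series M6 (IMC)", "4.3(2.240002)"),
    ("cimc-04", "UCS C-Series M6 (IMC)", "4.15(1a)"),
    ("encs-01", "Cisco 5000 Series ENCS (NFVIS)", "4.15"),
    ("ucpe-01", "Catalyst 8300 Edge uCPE (NFVIS)", "4.18.1"),
]

if __name__ == "__main__":
    for host in check_inventory(SAMPLE):
        print(f"{host}: affected, patch with highest priority")
```

Confirm the exact fixed releases against the Cisco advisory before acting on the output; the table encodes only the ranges as listed on this page.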

Type: CWE-20: Improper Input Validation

CVE/CVSS: CVE-2026-20093: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Source

Cisco Security Advisory

Risk

The risk posed by this vulnerability is high because no authentication is required to exploit it, making it accessible to any attacker. A successful compromise can impact critical systems and give attackers insight into an organization's internal network. This has a severe impact on the confidentiality, integrity, and availability of the affected system.


Description

CVE-2026-20093 is a vulnerability that allows an unauthenticated remote attacker to completely bypass the login process and gain full administrative access to the system. This allows the attacker to change the password of any user.

Cisco IMC manages servers at the hardware level, which makes this especially dangerous: the attacker could manipulate hardware settings, power cycle servers, disrupt critical infrastructure, and use the compromised device to launch attacks on other systems on the network.

Recommended Actions

Patch

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Monitor/Detect

The CCB recommends that organizations scale up their monitoring and detection capabilities to identify any related suspicious activity and ensure a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via https://ccb.belgium.be/en/cert/report-incident

While patching appliances or software to the newest version may protect against future exploitation, it does not remediate historic compromise.

References