Cisco released security updates for multiple critical vulnerabilities, including an Integrated Management Controller (IMC) authentication bypass (CVE-2026-20093) that can let attackers gain Admin access to UCS C‑Series and E‑Series servers. Patches are strongly recommended because there are no mitigations. The fixes also cover a Smart Software Manager On‑Prem RCE (CVE-2026-20160) and the FMC RCE previously exploited by Interlock (CVE-2026-20131). The updates follow a reported breach tied to the Trivy supply chain attack.
Key points
- CVE-2026-20093 in Cisco IMC allows unauthenticated attackers to bypass authentication and obtain Admin privileges.
- There are no workarounds; Cisco strongly recommends updating to fixed software immediately.
- CVE-2026-20160 in Smart Software Manager On‑Prem can enable unauthenticated remote code execution as root via crafted API requests.
- The FMC RCE (CVE-2026-20131) was previously exploited by the Interlock ransomware gang and is listed by CISA.
- Cisco reported its internal development environment was breached using credentials stolen during the Trivy supply chain attack.