Overview
- Cisco released patches Wednesday for 15 vulnerabilities across Webex Services and Identity Services Engine.
- CVE-2026-20184 in Webex SSO let an unauthenticated attacker impersonate any user by exploiting improper certificate checks.
- The cloud service is remediated, but organizations using SSO need to upload a new IdP SAML certificate in Control Hub to avoid disruption.
- Three ISE bugs—CVE-2026-20147, CVE-2026-20180, and CVE-2026-20186—allow attackers with admin or read-only admin accounts to run commands on the system and reach root, with single‑node setups at risk of denial of service.
- Cisco published fixed ISE builds for supported releases, including 3.1 Patch 11 and 3.4 Patch 6, and it reports no evidence of in‑the‑wild exploitation.