
Ethical Hacking News

Cisco Patches Critical IMC Vulnerability, SSM On-Prem Compromise



Cisco has released critical patches for two significant vulnerabilities in its Integrated Management Controller (IMC) and Smart Software Manager On-Prem (SSM On-Prem). The IMC vulnerability (CVE-2026-20093), due to incorrect handling of password change requests, allows an attacker to bypass authentication entirely. Another critical vulnerability (CVE-2026-20160) impacts SSM On-Prem, allowing arbitrary command execution on the underlying operating system. Immediate action is recommended for affected organizations.


    Cisco has released patches for two critical vulnerabilities in its Integrated Management Controller (IMC) and Smart Software Manager On-Prem (SSM On-Prem). The flaws, tracked as CVE-2026-20093 and CVE-2026-20160 respectively, pose significant risks to organizations using these products.

    According to Cisco's advisory released on April 2, 2026, the IMC vulnerability (CVE-2026-20093) stems from incorrect handling of password change requests. An attacker can exploit it by sending a crafted HTTP request, bypassing authentication entirely and gaining elevated privileges. The attack vector is straightforward; Cisco emphasizes that exploiting this flaw would allow an attacker to modify or delete user passwords on the system, including those belonging to an Admin user.

    The other critical vulnerability, CVE-2026-20160, impacts Smart Software Manager On-Prem (SSM On-Prem). This vulnerability stems from an unintentional exposure of an internal service. An attacker could exploit this by sending a crafted request to the API of the exposed service, allowing them to execute arbitrary commands on the underlying operating system with root-level privileges.

    The CVSS score for both vulnerabilities is 9.8 out of 10.0, indicating severe security flaws with significant potential impact on affected systems.

    To address these risks, Cisco has released patches in versions 4.15.5 for the 5000 Series Enterprise Network Compute Systems (ENCS), 4.18.3 for the Catalyst 8300 Series Edge uCPE, 4.3(2.260007) or 6.0(1.250174) for UCS C-Series M5 and M6 rack servers in standalone mode, 3.2.17 for UCS E-Series Servers M3, and 4.15.3 for UCS E-Series Servers M6.
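An added example, not from Cisco or the original article: a Python check that compares an inventory of installed firmware versions against the fixed releases listed above. The host names and installed versions are constructed sample data, and treating a release newer than every listed fix as fixed is an assumption; versions that fall between the listed release trains are flagged for manual review.

```python
import re

# Fixed releases per platform, copied from the article text above.
FIXED = {
    "5000 Series ENCS": ["4.15.5"],
    "Catalyst 8300 Series Edge uCPE": ["4.18.3"],
    "UCS C-Series M5/M6 (standalone)": ["4.3(2.260007)", "6.0(1.250174)"],
    "UCS E-Series M3": ["3.2.17"],
    "UCS E-Series M6": ["4.15.3"],
}

def parse(version):
    """Turn '4.3(2.260007)' or '4.15.5' into a tuple of ints."""
    parts = re.findall(r"\d+", version)
    if not parts:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(p) for p in parts)

def status(platform, version):
    """Classify one installed version against the platform's fixed releases."""
    v = parse(version)
    fixed = sorted(parse(f) for f in FIXED[platform])
    # Prefer the fixed release in the same major.minor train, if one is listed.
    train = [f for f in fixed if f[:2] == v[:2]]
    if train:
        return "at-or-above-fixed" if v >= train[0] else "below-fixed"
    if v < fixed[0]:
        return "below-fixed"
    if v > fixed[-1]:
        # Assumption: releases newer than every listed fix carry the fix.
        return "at-or-above-fixed"
    return "review"  # between listed trains: check the vendor advisory

# Constructed sample inventory: (host, platform, installed version).
INVENTORY = [
    ("edge-encs-01", "5000 Series ENCS", "4.15.4"),
    ("edge-c8300-01", "Catalyst 8300 Series Edge uCPE", "4.18.3"),
    ("dc-c240-m5", "UCS C-Series M5/M6 (standalone)", "4.3(2.250016)"),
    ("dc-c220-m6", "UCS C-Series M5/M6 (standalone)", "6.0(1.250174)"),
    ("dc-c225-m6", "UCS C-Series M5/M6 (standalone)", "5.0(1.100000)"),
]

def audit(inventory):
    """Return (host, status) for every host not confirmed at a fixed release."""
    results = [(host, status(plat, ver)) for host, plat, ver in inventory]
    return [r for r in results if r[1] != "at-or-above-fixed"]

if __name__ == "__main__":
    for host, state in audit(INVENTORY):
        print(f"{host}: {state}")
```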

    It's worth noting that neither of these vulnerabilities has been exploited in the wild yet; however, recent security flaws in Cisco products have attracted attention from threat actors. In the absence of a workaround, customers are strongly recommended to update their systems to the fixed version in order to ensure maximum protection.

    Both vulnerabilities were discovered and reported by security researcher "jyh".



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Cisco-Patches-Critical-IMC-Vulnerability-SSM-On-Prem-Compromise-ehn.shtml

  • https://thehackernews.com/2026/04/cisco-patches-98-cvss-imc-and-ssm-flaws.html

  • https://infosecbulletin.com/patch-now-cisco-patches-9-8-cvss-imc-and-ssm-flaws/


  • Published: Thu Apr 2 14:55:02 2026 by llama3.2 3B Q4_K_M












