Critical Vulnerabilities Patched in Cisco IMC and Smart Software Manager On-Prem
**Cisco** has addressed critical security vulnerabilities in its Integrated Management Controller (IMC) and Smart Software Manager On-Prem (SSM On-Prem). Successful exploitation of these flaws could allow unauthenticated remote attackers to bypass authentication and execute arbitrary commands with elevated privileges.

### Authentication Bypass in Cisco IMC
**Cisco** has released updates to remediate a critical security flaw affecting the Integrated Management Controller (IMC). This vulnerability, identified as **CVE-2026-20093**, carries a CVSS score of 9.8, indicating its severity.
The vulnerability stems from improper handling of password change requests. According to **Cisco**'s advisory, an attacker could exploit this by sending a crafted HTTP request to a vulnerable device.
A successful exploit could allow an attacker to bypass authentication, change passwords for any user (including administrators), and gain unauthorized access to the system. The vulnerability affects the following products:
* 5000 Series Enterprise Network Compute Systems (ENCS) - Fixed in 4.15.5
* Catalyst 8300 Series Edge uCPE - Fixed in 4.18.3
* UCS C-Series M5 and M6 Rack Servers in standalone mode - Fixed in 4.3(2.260007), 4.3(6.260017), and 6.0(1.250174)
* UCS E-Series Servers M3 - Fixed in 3.2.17
* UCS E-Series Servers M6 - Fixed in 4.15.3

Security researcher "jyh" is credited with discovering and reporting this vulnerability. Users of affected systems are strongly advised to apply the provided patches.
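As an added example (my own code, not Cisco's and not from the original article), the fixed-version list above can be turned into a quick inventory check: it parses Cisco's `4.3(2.260007)`-style version strings and reports which devices still run a release older than the fix. The product labels, the rule that a fix is only compared against versions in the same release train, and the sample inventory are all my assumptions, not statements from the advisory.

```python
import re
# Fixed releases for CVE-2026-20093 as listed in this article; the product labels are my own shorthand.
FIXED_RELEASES = {
    "ENCS 5000": ["4.15.5"],
    "Catalyst 8300 uCPE": ["4.18.3"],
    "UCS C-Series M5/M6": ["4.3(2.260007)", "4.3(6.260017)", "6.0(1.250174)"],
    "UCS E-Series M3": ["3.2.17"],
    "UCS E-Series M6": ["4.15.3"],
}
_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:\((\d+(?:\.\d+)*)\))?")

def parse_version(text):
    """'4.3(2.260007)' -> ((4, 3), (2, 260007)); '4.15.5' -> ((4, 15, 5), ())."""
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised IMC version string: {text!r}")
    dotted = tuple(int(p) for p in m.group(1).split("."))
    build = tuple(int(p) for p in m.group(2).split(".")) if m.group(2) else ()
    return dotted, build

def train_of(version):
    """Release train: '4.3(2.x)' -> (4, 3, 2); '4.15.x' -> (4, 15).
    Assumption (mine, not Cisco's): a fix only applies within its own train."""
    dotted, build = version
    return dotted + build[:1] if build else dotted[:2]

def assess(product, running):
    """Return 'fixed', 'vulnerable' or 'unknown-train' for one device.
    At or above the train's fixed release counts as fixed, below it as vulnerable;
    a train with no listed fix cannot be judged from this article alone."""
    run = parse_version(running)
    for fixed_text in FIXED_RELEASES[product]:
        fixed = parse_version(fixed_text)
        if train_of(fixed) == train_of(run):
            return "fixed" if run >= fixed else "vulnerable"
    return "unknown-train"

def triage(inventory):
    """Rows of (hostname, product, running_version) -> rows that still need action."""
    assessed = ((h, p, v, assess(p, v)) for h, p, v in inventory)
    return [row for row in assessed if row[3] != "fixed"]

if __name__ == "__main__":
    sample = [  # constructed inventory, not real devices
        ("cimc-01", "UCS C-Series M5/M6", "4.3(2.250001)"),
        ("cimc-02", "UCS C-Series M5/M6", "4.3(6.260017)"),
        ("cimc-03", "UCS C-Series M5/M6", "4.3(5.240010)"),
        ("encs-01", "ENCS 5000", "4.15.4"),
    ]
    for host, product, running, status in triage(sample):
        print(f"{host}: {product} {running} -> {status}")
```

Devices reported as `unknown-train` run a release train the article lists no fix for, so they need to be checked against Cisco's full advisory rather than assumed safe.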
### Remote Command Execution in Smart Software Manager On-Prem
Another critical vulnerability, **CVE-2026-20160** (CVSS score: 9.8), impacts **Cisco** Smart Software Manager On-Prem (SSM On-Prem). This flaw could allow an unauthenticated remote attacker to execute arbitrary commands on the underlying operating system.
The vulnerability is due to an unintentional exposure of an internal service. An attacker could exploit this by sending a crafted request to the API of the exposed service.
Successful exploitation grants the attacker root-level privileges on the underlying operating system. Patches for this vulnerability are available in **Cisco** SSM On-Prem version 9-202601.
**Cisco** stated that this vulnerability was discovered internally during the resolution of a **Cisco** Technical Assistance Center (TAC) support case.
### Mitigation
Neither vulnerability has been exploited in the wild so far, but recent security flaws in **Cisco** products have been actively weaponized by threat actors. Given this, and because no workaround is available, **Cisco** urges customers to update to the fixed versions as soon as possible.