PT-2026-33086 · Cisco · Identity Services Engine+1

Published

2026-04-15

Updated

2026-04-16

CVE-2026-20136

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) (affected versions not specified) Cisco ISE Passive Identity Connector (ISE-PIC) (affected versions not specified)

Description Insufficient validation of user supplied input in the CLI allows an authenticated local attacker with administrative privileges to perform a command injection attack on the underlying operating system. This can lead to the attacker elevating their privileges to root.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Encoding or Escaping of Output

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-116

Related Identifiers

BDU:2026-05636

CVE-2026-20136

Affected Products

Cisco Ise Passive Identity Connector

Identity Services Engine

PT-2026-33086 · Cisco · Identity Services Engine+1

CVE-2026-20136

Weakness Enumeration

Related Identifiers

Affected Products

References · 4