CVE-2026-20147

Name of the Vulnerable Software and Affected Versions Cisco ISE versions 3.1 through 3.5 Cisco ISE-PIC (affected versions not specified)

Description An issue in the web interface of the Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system. This is caused by insufficient validation of user-supplied input and a lack of data sanitization at the management level. An attacker with valid administrative credentials, including read-only access, can exploit this by sending a crafted HTTP request. Successful exploitation provides user-level access to the operating system, which can then be elevated to root privileges. In single-node ISE deployments, this may lead to a denial of service (DoS) condition, preventing unauthenticated endpoints from accessing the network until the node is restored.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.