PT-2026-3788 · Cisco · Cisco Intersight Virtual Appliance
Published 2026-01-21 · Updated 2026-01-22 · CVE-2026-20092
CVSS v2.0: 6.2 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions
Cisco Intersight Virtual Appliance (affected versions not specified)
Description
A flaw exists in the read-only maintenance shell of the appliance that may allow a local attacker with administrative privileges to gain root access. This is caused by incorrect file permissions on configuration files for system accounts within the maintenance shell. An attacker could exploit this by accessing the maintenance shell as a read-only administrator and altering system files to obtain root privileges. A successful exploit could grant the attacker complete control of the appliance, potentially allowing access to sensitive data, modification of workloads and configurations, and a denial of service.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Incorrect Permission
Affected Products
Cisco Intersight Virtual Appliance