CVE-2026-20094

cis · cisco integrated management

Cisco Integrated Management Controller Command Injection Vulnerability

Description

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user.

Affected Products

Vendor	Product	Versions
cis	cisco integrated management	4.0(2g), 3.1(2i), 3.1(1d), 4.0(4i), 4.1(1c), 4.0(2c), 4.0(1e), 4.0(2h), 4.0(4h), 4.0(1h), 4.0(2l), 3.1(3g), 4.0(1.240), 4.0(2f), 4.0(1g), 4.0(2i), 3.1(3i), 4.0(4d), 4.1(1d), 3.1(3c), 4.0(4k), 3.1(2d), 3.1(3a), 3.1(3j), 4.0(2d), 4.1(1f), 4.0(4j), 4.0(2m), 4.0(2k), 4.0(1c), 4.0(4f), 4.0(4c), 3.1(3d), 3.1(2g), 3.1(2c), 4.0(1d), 3.1(2e), 4.0(1a), 4.0(1b), 3.1(3b), 4.0(4b), 3.1(2b), 4.0(4e), 3.1(3h), 4.0(4l), 4.1(1g), 4.1(2a), 4.0(2n), 4.1(1h), 3.1(3k), 4.1(2b), 4.0(2o), 4.0(4m), 4.1(2d), 4.1(3b), 4.0(2p), 4.1(2e), 4.1(2f), 4.0(4n), 4.0(2q), 4.1(3c), 4.0(2r), 4.1(3d), 4.1(2g), 4.1(2h), 4.1(3g), 4.1(3f), 4.1(2j), 4.1(2k), 4.1(3h), 4.2(2a), 4.1(3i), 4.2(2f), 4.2(2g), 4.2(3b), 4.1(3l), 4.2(3d), 4.3(1.230097), 4.2(1e), 4.2(1b), 4.2(1j), 4.2(1i), 4.2(1f), 4.2(1a), 4.2(1c), 4.2(1g), 4.3(1.230124), 4.1(2l), 4.2(3e), 4.3(1.230138), 4.2(3g), 4.3(2.230207), 4.2(3h), 4.2(3i), 4.3(2.230270), 4.1(3m), 4.1(2m), 4.3(2.240002), 4.3(3.240022), 4.2(3j), 4.1(3n), 4.3(2.240009), 4.3(3.240041), 4.2(3k), 4.3(3.240043), 4.3(4.240142), 4.3(2.240037), 4.3(2.240053), 4.3(4.240152), 4.2(3l), 4.3(2.240077), 4.3(4.242028), 4.3(4.241063), 4.3(4.242038), 4.2(3m), 4.3(2.240090), 4.3(5.240021), 4.3(2.240107), 4.3(4.242066), 4.2(3n), 4.3(5.250001), 4.2(3o), 4.3(2.250016), 4.3(2.250021), 4.3(5.250030), 4.3(2.250022), 4.3(6.250039), 4.3(6.250040), 4.3(5.250033), 4.3(6.250044), 4.3(6.250053), 4.3(2.250037), 4.3(2.250045), 4.3(4.252001), 4.3(4.252002), 6.0(1.250127), 4.2(3p), 6.0(1.250131), 4.3(6.250101), 6.0(1.250174), 4.3(6.250117), 4.3(5.250043), 4.3(5.250045), 4.3(6.250060), 6.0(1.250130), 4.3(4.241014), 4.3(2.250063), 6.0(1.250192), 4.3(6.260003), 6.0(1.250194), 3.2.7, 3.2.6, 3.2.4, 3.2.10, 3.2.2, 3.2.3, 2.4.0, 3.2.1, 3.2.11.1, 3.2.8, 3.1.1, 3.0.2, 2.1.0, 2.2.2, 3.1.2, 3.0.1, 2.3.2, 2.3.5, 2.2.1, 3.1.4, 2.4.1, 2.3.1, 3.1.3, 2.3.3, 2.4.2, 3.1.5, 3.1.0, 2.0.0, 3.2.11.3, 3.2.11.5, 3.2.12.2, 3.2.13.6, 3.2.14, 4.11.1, 3.2.15, 4.12.1, 3.2.15.3, 4.12.2, 3.2.16.1, 4.00, 4.15.2, 4.02

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
cis	integrated management	cert_advisory	90%

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt

Related News (4 articles)

Tier B

BSI Advisories3h ago

[NEU] [hoch] Cisco Integrated Management Controller: Mehrere Schwachstellen

→ No new info (linked only)

Tier D

Heise Security5h ago

Cisco stopft teils kritische Lücken in mehreren Produkten

→ No new info (linked only)

Tier C

VulDB18h ago

CVE-2026-20094 | Cisco Unified Computing System Web-based Management Interface command injection (cisco-sa-cimc-cmd-inj-3hKN3bVt)

→ No new info (linked only)

Tier A

Cisco Security19h ago

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

→ No new info (linked only)

CVSS 3.18.8 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

CWECWE-77

PublishedApr 1, 2026

Last enriched14h agov2

Trending Score51

Source articles4

Independent4

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-20093

Cisco Integrated Management Controller Authentication Bypass Vulnerability

Trending: 64

CRITICALCVE-2026-20160

Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability

Trending: 59

MEDIUMCVE-2026-20095

Cisco Integrated Management Controller Command Injection Vulnerability

Trending: 47

MEDIUMCVE-2026-20097

Cisco Integrated Management Controller Remote Code Execution Vulnerability

Trending: 47

MEDIUMCVE-2026-20096

Cisco Integrated Management Controller Command Injection Vulnerability

Trending: 47

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Apr 1, 2026

Discovered by ZDM

Apr 1, 2026

Updated: vendor, product, affectedVersions

Apr 1, 2026

Version History

Last enriched 14h ago

v2Tier C14h ago

Updated vendor to Cisco, product to Unified Computing System, added affected version Unified Computing System E-Series Software, changed severity to CRITICAL, and marked as actively exploited.

vendorproductaffectedVersions

via VulDB

v115h ago

Initial creation

Description

Affected Products

Vendor

Product

Versions

cis

cisco integrated management

4.0(2g), 3.1(2i), 3.1(1d), 4.0(4i), 4.1(1c), 4.0(2c), 4.0(1e), 4.0(2h), 4.0(4h), 4.0(1h), 4.0(2l), 3.1(3g), 4.0(1.240), 4.0(2f), 4.0(1g), 4.0(2i), 3.1(3i), 4.0(4d), 4.1(1d), 3.1(3c), 4.0(4k), 3.1(2d), 3.1(3a), 3.1(3j), 4.0(2d), 4.1(1f), 4.0(4j), 4.0(2m), 4.0(2k), 4.0(1c), 4.0(4f), 4.0(4c), 3.1(3d), 3.1(2g), 3.1(2c), 4.0(1d), 3.1(2e), 4.0(1a), 4.0(1b), 3.1(3b), 4.0(4b), 3.1(2b), 4.0(4e), 3.1(3h), 4.0(4l), 4.1(1g), 4.1(2a), 4.0(2n), 4.1(1h), 3.1(3k), 4.1(2b), 4.0(2o), 4.0(4m), 4.1(2d), 4.1(3b), 4.0(2p), 4.1(2e), 4.1(2f), 4.0(4n), 4.0(2q), 4.1(3c), 4.0(2r), 4.1(3d), 4.1(2g), 4.1(2h), 4.1(3g), 4.1(3f), 4.1(2j), 4.1(2k), 4.1(3h), 4.2(2a), 4.1(3i), 4.2(2f), 4.2(2g), 4.2(3b), 4.1(3l), 4.2(3d), 4.3(1.230097), 4.2(1e), 4.2(1b), 4.2(1j), 4.2(1i), 4.2(1f), 4.2(1a), 4.2(1c), 4.2(1g), 4.3(1.230124), 4.1(2l), 4.2(3e), 4.3(1.230138), 4.2(3g), 4.3(2.230207), 4.2(3h), 4.2(3i), 4.3(2.230270), 4.1(3m), 4.1(2m), 4.3(2.240002), 4.3(3.240022), 4.2(3j), 4.1(3n), 4.3(2.240009), 4.3(3.240041), 4.2(3k), 4.3(3.240043), 4.3(4.240142), 4.3(2.240037), 4.3(2.240053), 4.3(4.240152), 4.2(3l), 4.3(2.240077), 4.3(4.242028), 4.3(4.241063), 4.3(4.242038), 4.2(3m), 4.3(2.240090), 4.3(5.240021), 4.3(2.240107), 4.3(4.242066), 4.2(3n), 4.3(5.250001), 4.2(3o), 4.3(2.250016), 4.3(2.250021), 4.3(5.250030), 4.3(2.250022), 4.3(6.250039), 4.3(6.250040), 4.3(5.250033), 4.3(6.250044), 4.3(6.250053), 4.3(2.250037), 4.3(2.250045), 4.3(4.252001), 4.3(4.252002), 6.0(1.250127), 4.2(3p), 6.0(1.250131), 4.3(6.250101), 6.0(1.250174), 4.3(6.250117), 4.3(5.250043), 4.3(5.250045), 4.3(6.250060), 6.0(1.250130), 4.3(4.241014), 4.3(2.250063), 6.0(1.250192), 4.3(6.260003), 6.0(1.250194), 3.2.7, 3.2.6, 3.2.4, 3.2.10, 3.2.2, 3.2.3, 2.4.0, 3.2.1, 3.2.11.1, 3.2.8, 3.1.1, 3.0.2, 2.1.0, 2.2.2, 3.1.2, 3.0.1, 2.3.2, 2.3.5, 2.2.1, 3.1.4, 2.4.1, 2.3.1, 3.1.3, 2.3.3, 2.4.2, 3.1.5, 3.1.0, 2.0.0, 3.2.11.3, 3.2.11.5, 3.2.12.2, 3.2.13.6, 3.2.14, 4.11.1, 3.2.15, 4.12.1, 3.2.15.3, 4.12.2, 3.2.16.1, 4.00, 4.15.2, 4.02

Vendor

Product

Source

Confidence

cis

integrated management

cert_advisory

90%