CVE-2026-20036
Command Injection in Cisco UCS Manager Allows Root Execution
Publication date: 2026-02-25
Last updated on: 2026-02-25
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | ucs_manager_software | * |
| cisco | ucs_manager_software | From 4.3(6f) (inc) |
| cisco | ucs_manager_software | From 6.0(2) (inc) |
| cisco | ucs_manager_software | to 4.3(6f) (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-20036 is a medium-severity command injection vulnerability in Cisco UCS Manager Software. It affects both the CLI and web-based management interfaces. An authenticated remote attacker with valid administrative privileges can exploit this vulnerability by submitting specially crafted input to certain commands due to insufficient input validation. This allows the attacker to execute arbitrary commands on the underlying operating system with root-level privileges.
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': "If exploited, this vulnerability allows an attacker with administrative access to execute arbitrary commands on the device's operating system with root-level privileges. This could lead to full control over the affected device, potentially compromising its integrity, confidentiality, and availability."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability requires authentication with valid administrative privileges to be exploited, and it involves submitting crafted input to the CLI or web-based management interface of Cisco UCS Manager Software.
There are no specific detection commands or network detection methods provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
Cisco has identified no workarounds for this vulnerability.
The recommended immediate mitigation step is to upgrade to fixed UCS Manager Software releases: versions 4.3(6f) and later, or 6.0(2) (March 2026) and later.
Before upgrading, verify device compatibility and support through authorized Cisco channels.
Since exploitation requires valid administrative credentials, ensure that access to the management interfaces is tightly controlled and monitored.