CVE-2026-20037
Received Received - Intake
Privilege Escalation in Cisco UCS NX-OS CLI via Excessive Rights

Publication date: 2026-02-25

Last updated on: 2026-02-25

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system.   This vulnerability exists because unnecessary privileges are given to the user. An attacker could exploit this vulnerability by authenticating to a device as a read-only user and connecting to the NX-OS CLI. A successful exploit could allow the attacker to create or overwrite files in the file system or perform limited privileged actions on an affected device.   
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-25
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20037
EUVD
EUVD-2026-8667
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
cisco ucs_manager_software *
cisco ucs_manager_software From 4.3(6f) (inc)
cisco ucs_manager_software 4.2
cisco ucs_manager_software 4.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-20037 is a medium-severity privilege escalation vulnerability in Cisco UCS Manager Software affecting the NX-OS CLI privilege levels.

It allows an authenticated local attacker with only read-only privileges to escalate their privileges by modifying files and performing unauthorized actions on the affected system.

The root cause is the assignment of unnecessary privileges to read-only users, enabling them to connect to the NX-OS CLI and create or overwrite files or execute limited privileged commands.

This vulnerability affects Cisco UCS Manager Software running on UCS 6400 Series, UCS 6500 Series, UCS X-Series Direct Fabric Interconnects, and 9108 100G Fabric Interconnects.

Impact Analysis

An attacker who exploits this vulnerability could create or overwrite files in the file system or perform limited privileged actions on an affected device.

This means that even users with only read-only access could gain unauthorized capabilities, potentially compromising the integrity and confidentiality of the system.

However, the impact on availability is not affected according to the CVSS score.

Compliance Impact

I don't know

Detection Guidance

There are no specific detection commands or methods provided for identifying this vulnerability on your network or system.

The vulnerability involves an authenticated local attacker with read-only privileges exploiting unnecessary privileges in the NX-OS CLI privilege levels of Cisco UCS Manager Software.

Detection would generally require verifying the software version and privilege configurations on affected devices.

Mitigation Strategies

Cisco strongly recommends upgrading to fixed software releases to fully remediate this vulnerability.

  • Upgrade UCS Manager Software to version 4.3(6f) or later, as releases 6.0 and later are not vulnerable.
  • Avoid relying on workarounds, as none are available for this vulnerability.
  • Review and restrict user privileges to minimize unnecessary access, especially for read-only users.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20037. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart