CVE-2026-20099
Received Received - Intake
Command Injection in Cisco FXOS and UCS Manager Enables Root Access

Publication date: 2026-02-25

Last updated on: 2026-02-25

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root.  This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-25
EPSS Evaluated
2026-06-14
NVD
CVE-2026-20099
EUVD
EUVD-2026-8671
Affected Vendors & Products
Showing 11 associated CPEs
Vendor Product Version / Range
cisco fxos_software *
cisco ucs_manager_software *
cisco ucs_manager_software to 4.3(6c) (exc)
cisco ucs_fabric_interconnects From 4.3(6c) (inc)
cisco firepower_2100_series *
cisco firepower_4100_series *
cisco firepower_9300_security_appliances *
cisco ucs_6300_series *
cisco ucs_6400_series *
cisco ucs_6500_series *
cisco ucs_x_series_direct_fabric_interconnects *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

I don't know

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability can lead to a full system compromise because an attacker who is already authenticated with administrative privileges can escalate their privileges to root.'}, {'type': 'paragraph', 'content': "The attacker can execute arbitrary commands on the affected device's operating system, potentially leading to loss of confidentiality, integrity, and availability of the system."}, {'type': 'list_item', 'content': 'Loss of sensitive data confidentiality'}, {'type': 'list_item', 'content': 'Unauthorized modification or deletion of data'}, {'type': 'list_item', 'content': 'Disruption or denial of service due to system compromise'}] [1]

Detection Guidance

Cisco provides the Cisco Software Checker tool to help customers identify affected software versions and fixed releases related to this vulnerability.

Detection involves verifying if your devices are running vulnerable releases of Cisco FXOS Software or Cisco UCS Manager Software, particularly versions 4.2 and earlier for UCS Fabric Interconnects.

No specific detection commands are provided in the available resources.

Executive Summary

CVE-2026-20099 is a medium-severity command injection vulnerability affecting the web-based management interfaces of Cisco FXOS Software and Cisco UCS Manager Software.

It allows an authenticated local attacker with administrative privileges to perform command injection by submitting crafted input to vulnerable commands due to insufficient input validation of user-supplied command arguments.

Successful exploitation enables the attacker to execute arbitrary commands on the underlying operating system with root-level privileges, leading to full system compromise.

Mitigation Strategies

There are no workarounds or mitigations available for this vulnerability.

Cisco strongly recommends upgrading to fixed software releases to remediate the vulnerability.

  • For UCS Fabric Interconnects, upgrade to version 4.3(6c) or later; version 6.0 is not vulnerable.
  • Obtain fixed software through Cisco or authorized partners.
  • Ensure compatibility with your hardware and configurations before upgrading.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20099. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart