CVE-2026-20147
Command Injection in Cisco ISE Allows Remote Root Access

Publication date: 2026-04-15

Last updated on: 2026-04-15

Assigner: Cisco Systems, Inc.

Description
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node ISE deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored.
Meta Information
Published: 2026-04-15
Last Modified: 2026-04-15
Generated: 2026-06-16
AI Q&A: 2026-04-15
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Showing 2 associated CPEs

Vendor | Product | Version / Range
cisco | ise | *
cisco | ise-pic | *

CWE ID | Description
CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Executive Summary

This vulnerability exists in Cisco ISE and Cisco ISE-PIC and allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the affected device.

To exploit this vulnerability, the attacker must have valid administrative credentials and send a specially crafted HTTP request to the device.

The root cause is insufficient validation of user-supplied input, which enables the attacker to gain user-level access and then escalate privileges to root.

Impact Analysis

Exploitation of this vulnerability can allow an attacker to execute arbitrary commands with root privileges on the affected device.

In single-node ISE deployments, successful exploitation could cause the node to become unavailable, resulting in a denial of service (DoS) condition.

During a DoS condition, endpoints that have not yet authenticated would be unable to access the network until the node is restored.

Mitigation Strategies

This vulnerability requires valid administrative credentials to exploit and involves sending crafted HTTP requests to affected Cisco ISE or Cisco ISE-PIC devices.

Immediate mitigation steps include restricting administrative access to trusted personnel only and monitoring for unusual HTTP requests to the device.

Additionally, consider isolating affected nodes to prevent denial of service conditions and restoring nodes promptly if they become unavailable.

Compliance Impact

This vulnerability allows an authenticated attacker to execute arbitrary commands on the underlying operating system of affected Cisco ISE devices, potentially leading to unauthorized access and denial of service.

Such unauthorized access and potential service disruption could impact the confidentiality, integrity, and availability of sensitive data managed or protected by these devices.

Therefore, exploitation of this vulnerability could lead to non-compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and maintaining system availability.
