CVE-2026-20160
Status: Received - Intake
Remote Code Execution in Cisco SSM On-Prem via Exposed API

Publication date: 2026-04-01

Last updated on: 2026-04-01

Assigner: Cisco Systems, Inc.

Description
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintentional exposure of an internal service. An attacker could exploit this vulnerability by sending a crafted request to the API of the exposed service. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
Meta Information
Generated: 2026-06-16
AI Q&A generated: 2026-04-01
EPSS evaluated: 2026-06-15
Affected Vendors & Products (3 associated CPEs)
Vendor  Product                          Version / Range
cisco   smart_software_manager_on-prem   *
cisco   smart_software_manager_on-prem   from 9-202502 (inclusive) to 9-202510 (inclusive)
cisco   smart_software_manager_on-prem   from 9-202601 (inclusive)
CWE
CWE ID   Description
CWE-668  The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
AI Quick Actions
Compliance Impact

The provided information does not specify how this vulnerability directly affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-20160 is a critical vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) that allows an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root-level privileges.

This vulnerability occurs because an internal service within SSM On-Prem is unintentionally exposed. An attacker can exploit this by sending a specially crafted request to the API of the exposed service, which leads to arbitrary command execution on the host.

Impact Analysis

The vulnerability allows an unauthenticated attacker to remotely execute commands with root-level privileges on the affected system.

  • Complete compromise of the affected SSM On-Prem host.
  • Potential unauthorized access to sensitive data.
  • Disruption of system availability and integrity.
  • No privileges or user interaction are required to exploit this vulnerability, making it highly dangerous.

Detection Guidance

There are no specific detection commands or methods provided to identify this vulnerability on your network or system.

Mitigation Strategies

The primary mitigation step is to upgrade Cisco Smart Software Manager On-Prem to the fixed release version 9-202601 or later.

No workarounds or other mitigations are available, so upgrading is strongly recommended to fully remediate the vulnerability.

Ensure your devices meet hardware and software requirements before upgrading.

If you do not have a valid service contract, or if you purchased through a third party, contact Cisco TAC for upgrade assistance.
