Vulnerability Management, Patch/Configuration Management

Cisco ISE, ISE-PIC flaw patched following PoC exploit release

SecurityWeek reports that updates have been issued by Cisco to fix the medium-severity Identity Services Engine and ISE Passive Identity Connector flaw, tracked as CVE-2026-20029, following the release of a proof-of-concept exploit.

Authenticated threat actors and admin privileges could remotely harness the vulnerability, which stems from improper XML parsing within Cisco ISE and ISE-PIC's web management interface, to read arbitrary files from the operating system that contain sensitive information that even administrators could not access, according to an advisory from Cisco.

All Cisco ISE and ISE-PIC instances are affected by the issue, which was discovered by Trend Micro Zero Day Initiative's Bobby Gould. Despite the existence of a public PoC, no active exploitation of the flaw has been observed so far.

"The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory," said the report.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds