Apr 02, 2026 • The Hacker News
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Executive Summary
Cisco released critical security patches for the Integrated Management Controller (IMC) and UCS Server Manager (SSM) addressing a severe authentication bypass vulnerability (CVE-2026-20093) with a CVSS score of 9.8 out of 10. The flaw allows unauthenticated remote attackers to bypass authentication mechanisms and gain system access with elevated privileges. This critical flaw affects Cisco's hardware management infrastructure and poses significant risk to organizations running vulnerable IMC versions. Immediate patching is recommended to prevent potential remote compromise of affected systems. No specific threat actors or malware families have been attributed to this vulnerability at this time.
Summary
Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0. "This
Linked Entities
- CVE-2026-20093