Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released security patches addressing four critical vulnerabilities in its Identity Services Engine (ISE) and Webex Services. The most severe flaw, CVE-2026-20184 (CVSS 9.8), involves improper certificate validation in single sign-on (SSO) integrations. These vulnerabilities could allow unauthenticated remote attackers to execute arbitrary code and impersonate any user within the affected services. Organizations running Cisco ISE or Webex are advised to apply patches immediately to prevent potential exploitation. The high CVSS score and broad impact on authentication systems make this a priority update for enterprise environments.

Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO)

Cisco has released security patches addressing four critical vulnerabilities in its Identity Services Engine (ISE) and Webex Services. The most severe flaw, CVE-2026-20184 (CVSS 9.8), involves improper certificate validation in single sign-on (SSO) integrations. These vulnerabilities could allow unauthenticated remote attackers to execute arbitrary code and impersonate any user within the affected services. Organizations running Cisco ISE or Webex are advised to apply patches immediately to prevent potential exploitation. The high CVSS score and broad impact on authentication systems make this a priority update for enterprise environments. Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO) Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO)