Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact
Vulnerability

Cisco IMC authentication bypass exposure

Updated 02.04.2026 14:01
Case score 60
Case score 60 Members 1 Latest activity 02.04.2026 14:01
Patch available No known exploitation
Members 1 First seen 02.04.2026 14:01 Last seen 02.04.2026 14:01 Updated 02.04.2026 14:01

Overview

Cisco released security updates for **Cisco IMC/CIMC** after finding **CVE-2026-20093**, a password-change authentication bypass on **UCS C-Series and E-Series servers**. An unauthenticated attacker can send a crafted HTTP request to the management interface and reach **Admin** access if the device is unpatched. Cisco says there are **no workarounds** and recommends upgrading to the fixed software as soon as possible. Available evidence does not show in-the-wild exploitation or proof-of-concept code.

Signals

4 derived
Exploitation
Exploitation No known exploitation
CVEs/products
CVE
Remediation
Remediation Patch available
Data exposure
Data Passwords

Member happenings

1 related
Vulnerability Cisco IMC password change authentication bypass (CVE-2026-20093)
Updated 02.04.2026 14:01 Lead Contribution 60
Exploitation No Known Exploitation Exploit No Known Public Exploit Data Type Passwords Patch Patch Available

Cisco released **security updates** for **Cisco IMC/CIMC** after a **password-change authentication bypass** was found that lets **unauthenticated attackers** gain **Admin access** on affected **UCS C-Series and E-Series servers**. Tracked as **CVE-2026-20093**, the flaw can be triggered with a **crafted HTTP request** against the IMC password-change path. Cisco says there are **no workarounds** and recommends upgrading to the **fixed software** as soon as possible. The company has not found **in-the-wild exploitation** or **proof-of-concept exploit code**.

View happening