Cisco Patches Multiple Vulnerabilities in IOS Software

Cisco Patches Multiple Vulnerabilities in IOS Software

By Ionut Arghire
Publication Date: 2026-03-26 12:32:00

Cisco on Wednesday announced patches for a dozen high- and medium-severity vulnerabilities in IOS and IOS XE, most of which could be exploited to cause denial-of-service (DoS) conditions.

The patches were rolled out as part of Cisco’s semiannual IOS and IOS XE security advisory bundle. While none of the bugs appear to have been exploited in the wild, technical information on four of them has been published.

The publicly disclosed issues, tracked as CVE-2026-20110, CVE-2026-20112, CVE-2026-20113, and CVE-2026-20114, are medium-severity defects affecting Cisco Catalyst 9300 Series switches.

According to OPSWAT, which discovered and reported the security defects, attackers could chain two of these flaws, CVE-2026-20114 and CVE-2026-20110, to escalate privileges and cause a persistent DoS condition that may require manual intervention to resolve.

Impacting the Lobby Ambassador web-based management API, CVE-2026-20114 exists because parameters are not sufficiently…