Cisco warns of Identity Services Engine flaw with exploit code

By Sergiu Gatlan
Publication Date: 2026-01-08 09:13:00

Cisco has patched a vulnerability in its Identity Services Engine (ISE) network access control solution that can be abused by attackers with admin privileges and for which proof-of-concept exploit code is publicly available.

Enterprise admins use Cisco ISE to manage endpoint, user, and device access to network resources while enforcing a zero-trust architecture.

The security flaw (CVE-2026-20029) affects Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) regardless of device configuration, and remote attackers with high privileges can exploit it to access sensitive information on unpatched devices.

“This vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC. An attacker could exploit this vulnerability by uploading a malicious file to the application,” Cisco said.

“A successful exploit could allow the attacker to read arbitrary files from the underlying operating…