Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Multiple%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting (XSS) attack or a reflected XSS attack against a user of the web-based management interface of an affected device.
These vulnerabilities are due to insufficient sanitization of user-supplied data that is stored in the web page. An attacker could exploit these vulnerabilities by convincing a user of the interface to click a specific link or view an affected web page. The injected script code may be executed in the context of the web-based management interface or allow the attacker to access sensitive browser-based information.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U
Security Impact Rating: Medium
CVE: CVE-2026-20132
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Multiple%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting (XSS) attack or a reflected XSS attack against a user of the web-based management interface of an affected device.
These vulnerabilities are due to insufficient sanitization of user-supplied data that is stored in the web page. An attacker could exploit these vulnerabilities by convincing a user of the interface to click a specific link or view an affected web page. The injected script code may be executed in the context of the web-based management interface or allow the attacker to access sensitive browser-based information.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U
Security Impact Rating: Medium
CVE: CVE-2026-20132
👍1
Cisco just made moves to own the AI infrastructure stack
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/cisco-just-made-moves-to-own-the-ai-infrastructure-stack.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/cisco-just-made-moves-to-own-the-ai-infrastructure-stack.html?source=rss
By bulking up AI observability with Galileo and identity with Astrix, Cisco is repositioning its secure network as the control plane for the agentic era.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
Churchill Downs Designates Cisco as Official Enterprise Networking and Network Infrastructure Partner of the Kentucky Derby
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/churchill-downs-designates-cisco-as-official-enterprise-networking-and-network-infrastructure-partner-of-the-kentucky-derby.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/churchill-downs-designates-cisco-as-official-enterprise-networking-and-network-infrastructure-partner-of-the-kentucky-derby.html?source=rss
Cisco and Churchill Downs Incorporated today announced a multi-year partnership to significantly enhance the networking capabilities at the historic Churchill Downs Racetrack.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
❤1
One day with our customers: driving better outcomes through customer centricity
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/one-day-with-our-customers-driving-better-outcomes-through-customer-centricity.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/one-day-with-our-customers-driving-better-outcomes-through-customer-centricity.html?source=rss
Cisco’s "One Day at Your Customer" initiative brings teams into client sites to listen and learn, ensuring we better support their business and drive success.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
👍2
From automation to autonomy: Cisco and Rockwell power a new era for manufacturing
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/from-automation-to-autonomy-cisco-and-rockwell-power-a-new-era-for-manufacturing.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/from-automation-to-autonomy-cisco-and-rockwell-power-a-new-era-for-manufacturing.html?source=rss
❤1
Learn how Cisco's partnership with Rockwell is driving industrial autonomy, a key to enabling scalable infrastructure across all environments.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
❤1
Next-level farming: vertical, efficient, and AI powered
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/next-level-farming-vertical-efficient-and-ai-powered.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/next-level-farming-vertical-efficient-and-ai-powered.html?source=rss
❤1
Planet Farms’ Massimo Mistretta on how Cisco supports agriculture that addresses a changing climate, food access, soil depletion, and more.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
❤2
Energy will define the scale of AI
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/energy-will-define-the-scale-of-ai.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2026/m04/energy-will-define-the-scale-of-ai.html?source=rss
Learn how Cisco is partnering with other organizations to ensure responsible, energy-efficient, and trustworthy AI development.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB
Security Impact Rating: Medium
CVE: CVE-2026-20085,CVE-2026-20087,CVE-2026-20088,CVE-2026-20089,CVE-2026-20090
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB
Security Impact Rating: Medium
CVE: CVE-2026-20085,CVE-2026-20087,CVE-2026-20088,CVE-2026-20089,CVE-2026-20090
❤2👌1
Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Continued%20Evolution%20of%20Persistence%20Mechanism%20Against%20Cisco%20Secure%20Firewall%20Adaptive%20Security%20Appliance%20and%20Secure%20Firewall%20Threat%20Defense%26vs_k=1
On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an update to V1: Emergency Directive (ED) 25-03: Identify and Mitigate Potential Compromise of Cisco Devices (https://cisa.gov/news-events/directives/v1-ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices) related to Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) products.
According to the update, the ArcaneDoor threat actor has developed a previously unknown persistence mechanism that is preserved across upgrading to the fixed releases that were published in September 2025. This persistence mechanism resides in the Cisco Firepower eXtensible Operating System (FXOS) Software base operating system for Cisco Secure Firewall ASA Software and Cisco Secure FTD Software installations on the affected hardware platforms.
Note: According to the intelligence Cisco PSIRT has received to date, the initial compromise, begins with the attacker exploiting the following vulnerabilities before customers upgraded to the fixed releases that were made available in September 2025:
CVE-2025-20333: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB)
CVE-2025-20362: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW)
For more information about the fixed releases that were made available in September 2025, see September 2025 Cisco Event Response: Continued Attacks Against Cisco Firewalls (https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks).
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03
Security Impact Rating: Informational
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Continued%20Evolution%20of%20Persistence%20Mechanism%20Against%20Cisco%20Secure%20Firewall%20Adaptive%20Security%20Appliance%20and%20Secure%20Firewall%20Threat%20Defense%26vs_k=1
On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an update to V1: Emergency Directive (ED) 25-03: Identify and Mitigate Potential Compromise of Cisco Devices (https://cisa.gov/news-events/directives/v1-ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices) related to Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) products.
According to the update, the ArcaneDoor threat actor has developed a previously unknown persistence mechanism that is preserved across upgrading to the fixed releases that were published in September 2025. This persistence mechanism resides in the Cisco Firepower eXtensible Operating System (FXOS) Software base operating system for Cisco Secure Firewall ASA Software and Cisco Secure FTD Software installations on the affected hardware platforms.
Note: According to the intelligence Cisco PSIRT has received to date, the initial compromise, begins with the attacker exploiting the following vulnerabilities before customers upgraded to the fixed releases that were made available in September 2025:
CVE-2025-20333: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB)
CVE-2025-20362: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW)
For more information about the fixed releases that were made available in September 2025, see September 2025 Cisco Event Response: Continued Attacks Against Cisco Firewalls (https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks).
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03
Security Impact Rating: Informational
❤2