【資安漏洞預警】Cisco旗下Integrated Management Controller 存在2個重大資安漏洞
[Security Vulnerability Alert] Two critical cybersecurity vulnerabilities exist in Cisco's Integrated Management Controller.

發布單位:圖資處數位服務組
日期範圍:2026/4/14 ~ 2026/10/14
 
發布單位:圖資處數位服務組
日期範圍:2026/4/14 ~ 2026/10/14
行政 行政公告
全體

轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202604-00000004

[內容說明]
Cisco 旗下整合管理控制器( Integrated Management Controller,IMC)是一款專門為Cisco整合運算系統的伺服器設計管理工具,提供伺服器遠端監控、配置和管理功能,近日Cisco發布重大資安公告(CVE-2026-20093,CVSS:9.8 和 CVE-2026-20094,CVSS:8.8)。
CVE-2026-20093為身分驗證繞過漏洞,可能允許未經身分驗證的遠端攻擊者繞過身分驗證,並以管理員身分存取系統;CVE-2026-20094存在於IMC的Web管理介面,此為命令注入漏洞,經身分驗證的遠端攻擊者可能在受影響的底層作業系統上,執行任意程式碼或命令,並將權限提升至root。

[影響平台]
Cisco 5000 Series ENCS 4.15(含)之前版本
Cisco Catalyst 8300 Series Edge uCPE 4.16(含)之前版本
Cisco Catalyst 8300 Series Edge uCPE 4.18版本
UCS C-Series M5 Rack Server 4.2(含)之前版本
UCS C-Series M5 Rack Server 4.3版本
UCS C-Series M6 Rack Server 4.2(含)之前版本
UCS C-Series M6 Rack Server 4.3
UCS C-Series M6 Rack Server 6.0
UCS E-Series M3 3.2 (含)之前版本
UCS E-Series M6 4.15 (含)之前版本

[建議措施]
根據官方網站釋出的解決方式進行修補
【CVE-2026-20093】 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn

【CVE-2026-20094】 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt

[參考資料]
1. https://www.twcert.org.tw/tw/cp-169-10823-4db55-1.html

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202604-00000004

[Content Description]
Cisco's Integrated Management Controller (IMC) is a server management tool specifically designed for Cisco integrated computing systems, providing remote server monitoring, configuration, and management functions. Recently, Cisco issued a major cybersecurity advisory (CVE-2026-20093, CVSS: 9.8 and CVE-2026-20094, CVSS: 8.8).
CVE-2026-20093 is an authentication bypass vulnerability that could allow an unauthenticated remote attacker to bypass authentication and access the system as an administrator. CVE-2026-20094 exists in IMC's web management interface; this is a command injection vulnerability that allows an authenticated remote attacker to execute arbitrary code or commands on the affected underlying operating system and escalate privileges to root.

[Affected Platforms]
Cisco 5000 Series ENCS versions 4.15 and earlier
Cisco Catalyst 8300 Series Edge uCPE versions 4.16 and earlier
Cisco Catalyst 8300 Series Edge uCPE version 4.18
UCS C-Series M5 Rack Server versions 4.2 and earlier
UCS C-Series M5 Rack Server version 4.3
UCS C-Series M6 Rack Server versions 4.2 and earlier
UCS C-Series M6 Rack Server version 4.3
UCS C-Series M6 Rack Server version 6.0
UCS E-Series M3 versions 3.2 and earlier
UCS E-Series M6 version 4.15 (Including) versions prior to this

[Recommended Action]
Patch according to the solutions released on the official website.
【CVE-2026-20093】 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn

【CVE-2026-20094】 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt

[References]
1. https://www.twcert.org.tw/tw/cp-169-10823-4db55-1.html


相關附件
system_update_alt參考資料
【返回上頁】
Top↑