[Security Vulnerability Alert] Three critical vulnerabilities in Cisco Identity Services Engine (ISE)

Issued by: Digital Services Section, Office of Library and Information Services
Posting period: 2026/4/21 ~ 2026/10/21
Category: Administrative announcement
Audience: All staff and students

Forwarded from TWCERT/CC (Taiwan Computer Emergency Response Team / Coordination Center) security alert TWCERTCC-200-202604-00000018

[Content Description]
Cisco Identity Services Engine (ISE) is an identity-based network access control platform: it collects information from the network and from user devices and uses it to enforce policy and make access decisions across the network infrastructure. Cisco has recently published an advisory for critical vulnerabilities in the product.

【CVE-2026-20180, CVSS 9.9】 and 【CVE-2026-20186, CVSS 9.9】 are both remote code execution vulnerabilities that allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system of an affected device.
Successful exploitation requires the attacker to hold at least read-only administrator privileges. Note that a read-only admin account is enough: any leaked or weakly protected low-privilege administrative credential, or any user who has been granted read-only admin access, is sufficient for full compromise of the appliance OS.

【CVE-2026-20147, CVSS 9.9】 This vulnerability allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of an affected device. Successful exploitation requires the attacker to possess valid administrator credentials.

[Affected Platforms]
CVE-2026-20180 and CVE-2026-20186:
Cisco ISE 3.2 and earlier
Cisco ISE 3.2
Cisco ISE 3.3
Cisco ISE 3.4

CVE-2026-20147:
Cisco ISE or Cisco ISE-PIC 3.1 and earlier
Cisco ISE or Cisco ISE-PIC 3.2
Cisco ISE or Cisco ISE-PIC 3.3
Cisco ISE or Cisco ISE-PIC 3.4
Cisco ISE or Cisco ISE-PIC 3.5

[Recommended Actions]
Upgrade to the fixed release for your release train:

CVE-2026-20180 and CVE-2026-20186:
Cisco ISE 3.2 Patch 8
Cisco ISE 3.3 Patch 8
Cisco ISE 3.4 Patch 5

CVE-2026-20147:
Cisco ISE or Cisco ISE-PIC 3.1 Patch 11
Cisco ISE or Cisco ISE-PIC 3.2 Patch 10
Cisco ISE or Cisco ISE-PIC 3.3 Patch 11
Cisco ISE or Cisco ISE-PIC 3.4 Patch 6
Cisco ISE or Cisco ISE-PIC 3.5 Patch 3

The two lists require different patch levels on the same train (for example 3.3 Patch 8 versus 3.3 Patch 11). ISE patches are cumulative, so install the higher patch number listed for your train to cover all three CVEs. A train that is listed as affected but has no fixed patch above (for example Cisco ISE 3.1 and earlier for the first pair) cannot be patched in place; migrate to a fixed release.

Note: Cisco ISE-PIC is no longer sold; 3.4 is its last supported release.
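To turn the two fixed-release lists above into a repeatable inventory check, the following Python script is provided as an added example; it is not part of the TWCERT/CC alert or of any Cisco tooling. The affected trains and fixed patch numbers are transcribed from this advisory. It assumes a version is reported as "<major>.<minor>[.<build>] Patch <n>" (the patch number is optional and means patch 0 when absent), and it reads the advisory literally: a train inside the affected range with no listed patch is reported as needing migration, and ISE-PIC is only evaluated against the CVE whose affected list names it. The host inventory at the bottom is constructed sample data.

```python
import re
from typing import Dict, Tuple

# Transcribed from the advisory:
#   CVE -> (products named in its affected list,
#           highest affected train,
#           {train: first fixed patch number}).
# Any train at or below the highest affected train that has no entry in the
# fixed-patch map is affected with no in-place fix (advisory: "and earlier").
ADVISORY = {
    "CVE-2026-20180": (("ISE",), (3, 4), {(3, 2): 8, (3, 3): 8, (3, 4): 5}),
    "CVE-2026-20186": (("ISE",), (3, 4), {(3, 2): 8, (3, 3): 8, (3, 4): 5}),
    "CVE-2026-20147": (("ISE", "ISE-PIC"), (3, 5),
                       {(3, 1): 11, (3, 2): 10, (3, 3): 11, (3, 4): 6, (3, 5): 3}),
}

_TRAIN = re.compile(r"(\d+)\.(\d+)")           # major.minor
_PATCH = re.compile(r"patch\s*(\d+)", re.IGNORECASE)


def parse_version(text: str) -> Tuple[Tuple[int, int], int]:
    """Return ((major, minor), patch) from e.g. '3.3.0.430 Patch 5'.

    Assumed input format (example's own convention): the build number is
    ignored for this check and a missing 'Patch n' means the base release.
    """
    m = _TRAIN.search(text)
    if not m:
        raise ValueError(f"no major.minor version found in {text!r}")
    train = (int(m.group(1)), int(m.group(2)))
    p = _PATCH.search(text)
    return train, (int(p.group(1)) if p else 0)


def assess(version_text: str, product: str = "ISE") -> Dict[str, str]:
    """Map each CVE in the advisory to a status for one install."""
    train, patch = parse_version(version_text)
    result: Dict[str, str] = {}
    for cve, (products, highest_affected, fixed) in ADVISORY.items():
        if product not in products or train > highest_affected:
            # Not in this CVE's affected list; the advisory says nothing more.
            result[cve] = "not listed as affected"
        elif train in fixed:
            need = fixed[train]
            if patch >= need:
                result[cve] = "fixed"
            else:
                result[cve] = f"vulnerable: apply {train[0]}.{train[1]} Patch {need}"
        else:
            # Inside the affected range but no patch exists for this train.
            result[cve] = ("vulnerable: no fixed patch on this train, "
                           "migrate to a fixed release")
    return result


def needs_action(version_text: str, product: str = "ISE") -> bool:
    """True if any CVE in the advisory is still open for this install."""
    return any(s.startswith("vulnerable")
               for s in assess(version_text, product).values())


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts, not real systems).
    inventory = [
        ("ise-01", "ISE", "3.3.0.430 Patch 8"),   # patched for the first pair only
        ("ise-02", "ISE", "3.4 Patch 6"),         # fully patched
        ("ise-03", "ISE", "3.1 Patch 11"),        # no patch for 20180/20186 on 3.1
        ("pic-01", "ISE-PIC", "3.2 Patch 9"),     # one patch short for 20147
    ]
    for host, product, ver in inventory:
        for cve, status in assess(ver, product).items():
            print(f"{host:7} {product:7} {ver:20} {cve}: {status}")
        print(f"{host:7} action required: {needs_action(ver, product)}")
```

Run it against an exported host list (hostname, product, version string) and treat any "vulnerable" line as a ticket; the ise-01 entry shows the case that matters most in practice, a box patched for the first advisory pair but still open to CVE-2026-20147 because that CVE needs a later patch on the same train.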

[References]
1. https://www.twcert.org.tw/tw/cp-169-10849-9d3d6-1.html