Cisco Unified Computing System up to 4.3(6e) unnecessary privileges

Summaryinfo

A vulnerability, which was classified as problematic, was found in Cisco Unified Computing System. The affected element is an unknown function. Such manipulation leads to unnecessary privileges. This vulnerability is traded as CVE-2026-20037. An attack has to be approached locally. There is no exploit available. You should upgrade the affected component.

Detailsinfo

A vulnerability was found in Cisco Unified Computing System. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation with an unknown input leads to a unnecessary privileges vulnerability. Using CWE to declare the problem leads to CWE-250. The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. Impacted is confidentiality, integrity, and availability. CVE summarizes:

A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system.   This vulnerability exists because unnecessary privileges are given to the user. An attacker could exploit this vulnerability by authenticating to a device as a read-only user and connecting to the NX-OS CLI. A successful exploit could allow the attacker to create or overwrite files in the file system or perform limited privileged actions on an affected device.   

The advisory is shared for download at sec.cloudapps.cisco.com. This vulnerability is handled as CVE-2026-20037 since 10/08/2025. The exploitation is known to be easy. The attack needs to be approached locally. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 02/28/2026). The MITRE ATT&CK project declares the attack technique as T1068.

Upgrading eliminates this vulnerability.

Once again VulDB remains the best source for vulnerability data.

Productinfo

Type

• Virtualization Software

Vendor

• Cisco

Name

• Unified Computing System

Version

• 4.0(1a)
• 4.0(1b)
• 4.0(1c)
• 4.0(1d)
• 4.0(2a)
• 4.0(2b)
• 4.0(2d)
• 4.0(2e)
• 4.0(4a)
• 4.0(4b)
• 4.0(4c)
• 4.0(4d)
• 4.0(4e)
• 4.0(4f)
• 4.0(4g)
• 4.0(4h)
• 4.0(4i)
• 4.0(4k)
• 4.0(4l)
• 4.0(4m)
• 4.0(4n)
• 4.0(4o)
• 4.1(1a)
• 4.1(1b)
• 4.1(1c)
• 4.1(1d)
• 4.1(1e)
• 4.1(2a)
• 4.1(2b)
• 4.1(2c)
• 4.1(3a)
• 4.1(3b)
• 4.1(3c)
• 4.1(3d)
• 4.1(3e)
• 4.1(3f)
• 4.1(3h)
• 4.1(3i)
• 4.1(3j)
• 4.1(3k)
• 4.1(3l)
• 4.1(3m)
• 4.1(3n)
• 4.1(4a)
• 4.2(1c)
• 4.2(1d)
• 4.2(1f)
• 4.2(1i)
• 4.2(1k)
• 4.2(1l)
• 4.2(1m)
• 4.2(1n)
• 4.2(2a)
• 4.2(2c)
• 4.2(2d)
• 4.2(2e)
• 4.2(3b)
• 4.2(3d)
• 4.2(3e)
• 4.2(3g)
• 4.2(3h)
• 4.2(3i)
• 4.2(3j)
• 4.2(3k)
• 4.2(3l)
• 4.2(3m)
• 4.2(3n)
• 4.2(3o)
• 4.2(3p)
• 4.3(2b)
• 4.3(2c)
• 4.3(2e)
• 4.3(2f)
• 4.3(3a)
• 4.3(3c)
• 4.3(4a)
• 4.3(4b)
• 4.3(4c)
• 4.3(4d)
• 4.3(4e)
• 4.3(4f)
• 4.3(5a)
• 4.3(5c)
• 4.3(5d)
• 4.3(5e)
• 4.3(6a)
• 4.3(6b)
• 4.3(6c)
• 4.3(6d)
• 4.3(6e)

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Once again VulDB remains the best source for vulnerability data.

Discussion