Alert GCSA-26109 - Critical vulnerabilities in Cisco products

******************************************************************

alert ID: GCSA-26109
date: 19 June 2026
title: Critical vulnerabilities in Cisco products

******************************************************************

:: Problem description

Cisco has published several security advisories that fix 9 vulnerabilities, 4 of which are rated critical.

In particular, CVE-2026-20262, which affects Cisco Catalyst SD-WAN Manager, is reported to be under active exploitation. It is the eighth Cisco SD-WAN vulnerability exploited in 2026.

For Cisco ISE and Cisco ISE-PIC, two vulnerabilities have been fixed: one rated "critical" (CVE-2026-20181, CVSS 9.1) and one rated "high" (CVE-2026-20190, CVSS 7.5).

More information is available in the "References" section.

:: Affected devices and software

Cisco Catalyst SD-WAN Controller (vSmart)
Cisco Catalyst SD-WAN Manager (vManage)
Cisco Catalyst SD-WAN Validator (vBond)
Cisco Umbrella Virtual Appliance
Cisco Webex App
Cisco Crosswork Network Controller (CNC)
Cisco Identity Services Engine (ISE)
Cisco ISE Passive Identity Connector (ISE-PIC)

For a complete description of the affected devices, please refer to the official Security Advisories.

:: Impact

Arbitrary File Write
Remote execution of arbitrary code (RCE)
Security feature bypass (SFB)
Access to confidential data (ID)
Open Redirect Vulnerability
Elevation of privilege (EoP)

:: Solutions

Assess the impact of the vulnerabilities on the devices in use and update as soon as possible.

Cisco Software Checker can be used to determine the appropriate patching:
https://sec.cloudapps.cisco.com/security/center/softwarechecker.x

Before installing the software, consult the vendor's site for further details.

:: References

Cisco Security Advisories
https://sec.cloudapps.cisco.com/security/center/publicationListing.x

Cisco Catalyst SD-WAN
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx

Cisco Identity Services Engine (ISE)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv

Cisco Crosswork Network Controller (CNC)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnc-inj-QNMeEmxk

Cisco Webex App
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-redirect-KOyxhffH

Cisco Umbrella Virtual Appliance
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU

The Hacker News
https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html

Bleeping Computer
https://www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/

SecurityWeek
https://www.securityweek.com/critical-command-execution-vulnerability-patched-in-cisco-ise/

Mitre CVE
https://www.cve.org/CVERecord?id=CVE-2026-20262
https://www.cve.org/CVERecord?id=CVE-2026-20245
https://www.cve.org/CVERecord?id=CVE-2026-20246
https://www.cve.org/CVERecord?id=CVE-2026-20181
https://www.cve.org/CVERecord?id=CVE-2026-20182
https://www.cve.org/CVERecord?id=CVE-2026-20190
https://www.cve.org/CVERecord?id=CVE-2026-20178
https://www.cve.org/CVERecord?id=CVE-2026-20220
https://www.cve.org/CVERecord?id=CVE-2026-20127

GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert