Latest Cisco Smart Software Manager On-Prem vulnerabilities: CVE-2026-20160 and CVE-2026-20151 #
Cisco has published two advisories covering vulnerabilities in its Smart Software Manager On-Prem (SSM On-Prem) virtual appliance.
- CVE-2026-20160: A vulnerability that could allow a remote, unauthenticated attacker to execute arbitrary commands on the underlying operating system of an affected host. The issue stems from the unintentional exposure of an internal service; an attacker could exploit it by sending a crafted request to that service's API. A successful exploit grants the attacker root-level privileges on the underlying operating system. This vulnerability is rated critical, with a CVSS score of 9.8.
- CVE-2026-20151: A vulnerability in the web interface that could allow a remote, low-privileged attacker (System User role) to elevate their privileges. The flaw exists because sensitive user information is transmitted improperly: an attacker could send a crafted message to the host, retrieve session credentials from subsequent status messages, and use them to elevate their role from System User to administrator. Note: this vulnerability only exposes information about users currently logged into the web interface; SSH sessions are not affected. This vulnerability is rated high, with a CVSS score of 7.3.
The following versions are affected by one or both vulnerabilities:
- CVE-2026-20151: Cisco SSM On-Prem versions 9-202510 and earlier.
- CVE-2026-20160: Cisco SSM On-Prem versions 9-202502 through 9-202510.
What is Cisco Smart Software Manager On-Prem? #
Cisco Smart Software Manager On-Prem is a local virtual appliance that enables organizations to manage and track Cisco software licenses within a private network, eliminating the need to connect individual devices directly to Cisco's cloud-based licensing portal.
What is the impact? #
Exploiting CVE-2026-20160 lets an unauthenticated adversary run arbitrary commands as root on the vulnerable host, which amounts to complete system compromise. Exploiting CVE-2026-20151 lets an attacker who already holds a low-privileged web interface account obtain administrative rights in that interface.
Are updates or workarounds available? #
Users are encouraged to update to the latest version as quickly as possible:
- Cisco SSM On-Prem: Upgrade to 9-202601 or later.
How to find potentially vulnerable systems with runZero #
From the Service inventory, use the following query to locate potentially impacted assets:
_asset.protocol:http AND protocol:http AND html.title:="On-Prem License Workspace"
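For environments without runZero, the same fingerprint (the page title the query above keys on) and the version ranges listed above can be scripted. The following Python is an added example, not runZero's or Cisco's code; it assumes SSM On-Prem version strings take the form `<major>-<YYYYMM>` as they appear on this page and compares them as (major, month) tuples, and it uses constructed sample HTML rather than responses from real appliances. Fetching each host's page over HTTP is left to the caller, so the block runs offline.

```python
"""Added example, not runZero's or Cisco's code.

Two checks for SSM On-Prem hosts when runZero is not available:
  1. fingerprint the web interface by its HTML <title>, the same
     signal the runZero query above keys on; and
  2. map a reported version string to the CVEs listed above.

Assumption (not stated by Cisco): version strings have the form
"<major>-<YYYYMM>" (e.g. "9-202510") and order by (major, YYYYMM).
"""
import re
from html.parser import HTMLParser

SSM_TITLE = "On-Prem License Workspace"

# Inclusive affected ranges taken from the advisory summary above.
# A lower bound of None means "all earlier releases".
AFFECTED = {
    "CVE-2026-20151": (None, "9-202510"),
    "CVE-2026-20160": ("9-202502", "9-202510"),
}
FIXED_VERSION = "9-202601"


class _TitleParser(HTMLParser):
    """Collects the text inside the first <title> element."""

    def __init__(self):
        super().__init__()
        self._in_title = False
        self._buf = []
        self.title = None

    def handle_starttag(self, tag, attrs):
        if tag == "title" and self.title is None:
            self._in_title = True
            self._buf = []

    def handle_data(self, data):
        if self._in_title:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "title" and self._in_title:
            self._in_title = False
            self.title = "".join(self._buf).strip()


def page_title(html):
    """Return the <title> text of an HTML page, or None if absent."""
    parser = _TitleParser()
    parser.feed(html)
    parser.close()
    return parser.title


def is_ssm_onprem(html):
    """True when the page title matches the SSM On-Prem workspace."""
    return page_title(html) == SSM_TITLE


def parse_version(version):
    """Parse "<major>-<YYYYMM>" into a comparable (major, yyyymm) tuple."""
    m = re.fullmatch(r"(\d+)-(\d{6})", version.strip())
    if not m:
        raise ValueError(f"unrecognised SSM On-Prem version: {version!r}")
    return int(m.group(1)), int(m.group(2))


def affected_cves(version):
    """Return the sorted list of CVEs whose affected range covers version."""
    v = parse_version(version)
    hits = []
    for cve, (low, high) in AFFECTED.items():
        if low is not None and v < parse_version(low):
            continue
        if v > parse_version(high):
            continue
        hits.append(cve)
    return sorted(hits)


def assess(hosts):
    """hosts: iterable of (name, version, html). Returns {name: cves} for
    hosts that fingerprint as SSM On-Prem and run an affected version."""
    findings = {}
    for name, version, html in hosts:
        if not is_ssm_onprem(html):
            continue
        cves = affected_cves(version)
        if cves:
            findings[name] = cves
    return findings


# Constructed sample responses (not captured from real hosts).
SAMPLE_SSM = "<html><head><title>On-Prem License Workspace</title></head></html>"
SAMPLE_OTHER = "<html><head><title>Router Admin</title></head></html>"

SAMPLE_HOSTS = [
    ("ssm-old", "9-202501", SAMPLE_SSM),       # only CVE-2026-20151
    ("ssm-both", "9-202510", SAMPLE_SSM),      # both CVEs
    ("ssm-fixed", FIXED_VERSION, SAMPLE_SSM),  # patched release
    ("not-ssm", "9-202510", SAMPLE_OTHER),     # different product
]

if __name__ == "__main__":
    for host, cves in assess(SAMPLE_HOSTS).items():
        print(f"{host}: {', '.join(cves)}")
```

To run this against a real estate, replace the `SAMPLE_HOSTS` entries with the hostname, the version shown in the appliance's web interface, and the body of an HTTP GET to the workspace URL; the title match is deliberately exact, since a looser match would also catch pages that merely mention the product.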