CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Cisco security advisory (AV26-613)

critical
Serial number: AV26-613 Date: June 17, 2026 On June 17, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following product: Cisco ISE (Identity Services Engine) and Cisco ISE-PIC (Passive Identity Connector) Cisco ISE and ISE-PIC Releases prior to 3.3 - all versions Cisco ISE and ISE-PIC Release 3.3 - versions prior to 3.3 Patch 11 Cisco ISE and ISE-PIC Release 3.4 - versions prior to 3.4 Patch 6 Cisco ISE and ISE-PIC Release 3.5 - versions prior to 3.5 Patch 4 (August 2026) The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available. Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities Cisco Security Advisories

CSIRTS triage

vendor: Ciscoproduct: Cisco ISERemote code executionInformation disclosureaffected: prior to 3.3 - all versions; 3.3 - prior to 3.3 Patch 11; 3.4 - prior to 3.4 Patch 6; 3.5 - prior to 3.5 Patch 4
What
Remote Code Execution and Information Disclosure vulnerabilities in Cisco ISE.
Who is affected
Users of Cisco ISE and ISE-PIC versions prior to the specified patches.
Urgency
Critical remediation is needed due to the severity of the vulnerabilities.
Action
Update to the latest patches for Cisco ISE and ISE-PIC.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Cisco ISE

Get an email when a new Cisco ISE advisory drops — max one per day, one-click unsubscribe.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
critical
Published
2026-06-17
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-613

More from Canadian Centre for Cyber Security