CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-20246

mediumcovered by 1 sourcefirst seen 2026-06-17
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU Security Impact Rating: Medium CVE: CVE-2026-20246

CSIRTS triage

What
A privilege escalation vulnerability could allow an authenticated attacker to elevate privileges on the device.
Who is affected
Authenticated users with vmadmin privileges on the Cisco Umbrella Virtual Appliance.
Urgency
Remediation is urgent due to the potential for privilege escalation to root.
Action
Users should apply the software updates released by Cisco.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-20246

Get an email if CVE-2026-20246 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-20246

CVE.org record

Embed the live status

CVE-2026-20246 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-20246 status](https://www.csirts.com/badge/CVE-2026-20246)](https://www.csirts.com/cve/CVE-2026-20246)