cbcvebase.
CVE-2026-20246
published 2026-06-17

CVE-2026-20246: A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected…

PriorityP434medium6CVSS 3.1
AVLACLPRHUINSUCHIHAN
EPSS
0.10%
1.2th percentile
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root.

Affected

74 ranges· showing 25
VendorProductVersion rangeFixed in
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance
ciscocisco_umbrella_insights_virtual_appliance

CVSS provenance

nvdv3.16.0MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
cvelistv5v3.16.0MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.