CVE-2026-20246
Published: 2026-06-17
Priority P4 · 34 · medium · 6 (CVSS 3.1)
Vector: AV:L / AC:L / PR:H / UI:N / S:U / C:H / I:H / A:N
EPSS: 0.10% (1.2th percentile)
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root.
Affected
74 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_umbrella_insights_virtual_appliance | — | — |
CVSS provenance
nvd · v3.1 · 6.0 · MEDIUM · CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
cvelistv5 · v3.1 · 6.0 · MEDIUM · CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
VulDB
Cisco Umbrella Insights Virtual Appliance up to 3.8.3 privileges management (cisco-sa-umbrella-priv-esc-F4wJB7AU / EUVD-2026-37751)
vuldb·2026-06-17
CVE-2026-20246 [CRITICAL] Cisco Umbrella Insights Virtual Appliance up to 3.8.3 privileges management (cisco-sa-umbrella-priv-esc-F4wJB7AU / EUVD-2026-37751)
A vulnerability was found in Cisco Umbrella Insights Virtual Appliance. It has been classified as critical. Impacted is an unknown function. Performing a manipulation results in improper privilege management.
This vulnerability is cataloged as CVE-2026-20246. The attack must be initiated from a local position. There is no exploit available.
Upgrading the affected component is recommended.
GHSA
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device.
ghsa_unreviewed·2026-06-17
CVE-2026-20246 [MEDIUM] CWE-269 A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root.
CVEList
Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability
cvelistv5·2026-06-17·CVSS 6.0
CVE-2026-20246 [MEDIUM] CWE-269 Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.