CVE-2026-20246 | A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual… | CVSS 6.0 MEDIUM

Description

A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root.

Metadata

CVE ID: CVE-2026-20246
State: PUBLISHED
Assigner: cisco
Reserved: 2025-10-08 11:59 UTC
Published: 2026-06-17 16:17 UTC
Last updated: 2026-06-17 17:17 UTC
Primary CWE: CWE-269
Improper Privilege Management
Vendor / Product: Cisco / Cisco Umbrella Insights Virtual Appliance
Sources: cve.org · NVD

Severity & Metrics

6.0 MEDIUM CVSS 3.1

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
Cisco	Cisco Umbrella Insights Virtual Appliance	—	2.6.0, 2.5.6, 2.5, 2.4.12 …

Weakness (CWE)

CWE	Source	Description
CWE-269	cna	Improper Privilege Management

CVSS scores (1)

Score	Severity	Version	Source	Vector
6.0	MEDIUM	3.1	cna	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

References (1)

cisco-sa-umbrella-priv-esc-F4wJB7AU https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU