cvedb.io
CVE-2026-20246
MEDIUM · CVSS 6
EPSS exploitation probability: 0%
Published 2026-06-17T17:16:43.423 · Last modified 2026-06-22T13:24:17.140

Summary

A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root.

Affected products

cisco — umbrella_virtual_appliance

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.