Tag: CVE-2026-20029

Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability (CVE-2026-20029)

Posted by Author Diksha Ojha on Posted on

Cisco released a security advisory to address a medium-severity vulnerability impacting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC. Tracked as CVE-2026-20029, the vulnerability may allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. Cisco mentioned in their advisory that “Cisco PSIRT is aware that proof-of-concept exploit code is available for the … Continue reading “Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability (CVE-2026-20029)”