Cisco warns of Identity Service Engine flaw with exploit code

Cisco has released a patch for a critical Identity Services Engine (ISE) vulnerability (CVE-2026-20029) that allows authenticated attackers to read arbitrary files from the operating system. Despite the availability of public proof-of-concept exploit code, Cisco has not observed active exploitation but strongly recommends upgrading to fixed software versions.