- Cisco fixes four critical bugs in Webex Services, including SSO and Identity Services Engine RCE bugs
- No exploit reported before fixes; users must update SAML certificates in Control Hub
- Separate IOS XE bug causes Wi-Fi access points to bloat their logs and fail updates, affecting 230+ models
Cisco has pushed a new patch to address four critical vulnerabilities plaguing its cloud-based Webex Services platform, and has also warned users of Wi-Fi access points about a bug in certain versions of IOS XE that could result in a device bootloop.
Webex Services is a communication and collaboration platform that lets people hold video meetings, send messages, make calls and share files, all from one place.
It was found vulnerable to four flaws: CVE-2026-20184 (9.8/10 – a single sign-on (SSO) integration vulnerability), CVE-2026-20147 (9.9/10 – a remote code execution flaw in Cisco ISE and Cisco ISE-PIC), CVE-201820, CVE-201820 CVE-2026-20186 (9.9/10 – an arbitrary code execution vulnerability in Cisco Identity Services Engine).
Patch now
Apparently, no threat actors found these flaws until they were fixed: “Before this vulnerability was fixed, an attacker could have exploited this vulnerability by connecting to a service endpoint and providing a crafted token,” Cisco said in its security advisory.
“A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services.”
While Cisco fixed the bugs, it also emphasized that those using SSO integration must upload a new SAML certificate for their identity provider (IdP) to Control Hub.
Inflated access points
At the same time, the company warned its access point users of a bug that could render their devices unusable. In a separate advisory, Cisco said that “certain Cisco Access Points (APs) may not be able to download new software images or Access Point Service Packs” because an updated library in Cisco IOS XE generates a log file that grows by 5MB each day.
The file, which cannot be deleted from the command line interface, will continue to grow until there is no more space on the disk, essentially preventing any further updates from being installed on the device.
Versions 17.12.4, 17.12.5, 17.12.6 and 17.12.6a are affected, it said. In total, more than 230 different models are at risk, Cisco said.
“The longer an AP runs the affected software, the greater the likelihood that a software download will fail due to insufficient disk space,” the notice reads.
Users should therefore move to a version that does not fill up the device's storage, but the process is not straightforward. Cisco has released a detailed guide, which anyone running the company’s APs should read.
Via The Register