- Cisco fixes four critical flaws in Webex services, including SSO and Identity Services Engine RCE flaws
- No exploitation was reported before the fixes; users must update SAML certificates in Control Hub
- Separate IOS XE bug causes a growing log file to fill Wi-Fi access point storage and block updates, affecting more than 230 models
Cisco has released a new patch to address four critical-severity vulnerabilities affecting its cloud-based Webex services platform, and has also warned Wi-Fi access point users about a bug in certain versions of IOS XE that could result in a device boot loop.
Webex Services is a communication and collaboration platform that allows people to video conference, send messages, make calls, and share files, all from one place.
It was found vulnerable to four flaws: CVE-2026-20184 (9.8/10 – a vulnerability in the single sign-on (SSO) integration), CVE-2026-20147 (9.9/10 – a remote code execution flaw in Cisco ISE and Cisco ISE-PIC), and CVE-2026-20180 and CVE-2026-20186 (9.9/10 – arbitrary code execution in Cisco Identity Services Engine).
Patch now
Apparently, no threat actors found these flaws before they were patched: “Before this vulnerability was addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and providing a crafted token,” Cisco said in its security advisory.
“A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services.”
While Cisco fixed the flaws, it also emphasized that those using the SSO integration must upload a new SAML certificate for their identity provider (IdP) to Control Hub.
Bloated access points
At the same time, the company warned users of its access points about a bug that could render their devices unusable. In a separate advisory, Cisco said that “certain Cisco access points (APs) may not download new software images or access point service packs,” because an updated library in Cisco IOS XE generates a log file that grows by 5 MB each day.
The file, which cannot be deleted from the command line interface, will continue to grow until there is no more disk space left, essentially preventing any more updates from being installed on the device.
Versions 17.12.4, 17.12.5, 17.12.6, and 17.12.6a were said to be affected. In total, more than 230 different models are at risk, Cisco said.
“The longer an AP runs the affected software, the greater the likelihood that a software download will fail due to insufficient disk space,” the advisory reads.
Therefore, users must upgrade to a version that does not bloat the device, but the process is not simple. Cisco published a detailed guide, so if you’re using enterprise APs, be sure to read it.
Via The Register




