Cisco IMC Vulnerability Allows Attackers to Gain Elevated Privileges

Cisco has issued a security advisory regarding a critical privilege escalation vulnerability (CVE-2025-20261) affecting its Integrated Management Controller (IMC) software used in UCS B-Series, C-Series, S-Series, and X-Series servers.

The flaw, rated with a CVSS base score of 8.8, could allow an authenticated, remote attacker to gain elevated privileges and unauthorized access to internal services via SSH, potentially leading to full system compromise.

The vulnerability stems from insufficient restrictions on access to internal services within the IMC’s SSH connection handling.

An attacker with a valid user account can exploit the flaw by using crafted syntax during SSH connections, enabling them to perform unauthorized modifications, including the creation of new administrator accounts.

Affected Products and Exploitation Details

The vulnerability impacts a wide range of Cisco products if they are running a vulnerable software release and accept incoming SSH connections to the IMC.

Notably, UCS ...