(CVE-2026-20147) Cisco Identity Services Engine Authenticated Command Injection in Deployment-RPC Leading to Remote Code Execution

CVE: CVE-2026-20147

Affected Versions: Cisco ISE / ISE-PIC 3.4 prior to Patch 6 (and equivalently 3.1 < P11, 3.2 < P10, 3.3 < P11, 3.5 < P3; releases earlier than 3.1 must migrate)

CVSS3.1: 9.1 (Critical) — CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Related: This advisory covers only CVE-2026-20147. Cisco’s bulletin cisco-sa-ise-rce-traversal-8bYndVrZ bundles a second, unrelated issue — CVE-2026-20148, an authenticated path traversal / arbitrary file read (Medium, CVSS 4.9) — which is not analysed here.