Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Catalyst 9000 Family Wireless Controllers Privilege Escalation Vulnerability
Description
Authenticated local attacker can escalate to level 15 privileges on Cisco Catalyst 9000 switches and wireless controllers via insufficient CLI command validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated local attacker can escalate to level 15 privileges on Cisco Catalyst 9000 switches and wireless controllers via insufficient CLI command validation.
Vulnerability
A privilege escalation vulnerability exists in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers [1]. The issue is due to insufficient validation of user privileges after the user executes certain CLI commands [1]. Affected devices include those running vulnerable versions of Cisco IOS XE Software on the Catalyst 9000 series [1].
Exploitation
An attacker must have authenticated access to the affected device as a low-privileged user [1]. The attacker then executes certain CLI commands that trigger the insufficient validation [1]. No user interaction or additional privileges are required beyond the initial low-privileged access [1].
Impact
A successful exploit allows the attacker to execute arbitrary commands with level 15 privileges on the affected device [1]. Level 15 is the highest privilege level, granting full administrative access [1]. This results in complete compromise of the device's confidentiality, integrity, and availability [1].
Mitigation
Cisco has released free software updates to address this vulnerability [1]. Customers with service contracts should obtain fixed software through their usual update channels [1]. The advisory provides details on affected versions and specific fixed releases [1]. There is no mention of a workaround for devices that cannot be immediately upgraded [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-priv-esc-ybvHKO5mitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.