Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN041
_____________________________________________________________________

DATE                : 15/01/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Secure Email Gateway And
                          Cisco Secure Email and Web Manager,
                     Cisco Identity Services Engine, 
                     Cisco Evolved Programmable Network Manager and
                      Cisco Prime Infrastructure.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2026-January-15.

The following PSIRT security advisories (1 Critical, 3 Medium) were
published at 16:01 UTC today.

Table of Contents:

1) Reports About Cyberattacks Against Cisco Secure Email Gateway And
Cisco Secure Email and Web Manager - SIR: Critical

2) Cisco Identity Services Engine Stored Cross-Site Scripting
Vulnerability - SIR: Medium

3) Cisco Evolved Programmable Network Manager and Cisco Prime
Infrastructure Stored Cross-Site Scripting Vulnerability - SIR: Medium

4) Cisco Identity Services Engine Cross-Site Scripting Vulnerability
- SIR: Medium

+--------------------------------------------------------------------

1) Reports About Cyberattacks Against Cisco Secure Email Gateway And
Cisco Secure Email and Web Manager

CVE-2025-20393

SIR: Critical

CVSS Score v(3.1): 10.0

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4 ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4"]

+--------------------------------------------------------------------

2) Cisco Identity Services Engine Stored Cross-Site Scripting
Vulnerability

CVE-2026-20076

SIR: Medium

CVSS Score v(3.1): 4.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-9TDh2kx ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-9TDh2kx"]

+--------------------------------------------------------------------

3) Cisco Evolved Programmable Network Manager and Cisco Prime
Infrastructure Stored Cross-Site Scripting Vulnerability

CVE-2026-20075

SIR: Medium

CVSS Score v(3.1): 4.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-GEkX8yWK ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-GEkX8yWK"]

+--------------------------------------------------------------------

4) Cisco Identity Services Engine Cross-Site Scripting Vulnerability

CVE-2026-20047

SIR: Medium

CVSS Score v(3.1): 4.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-964cdxW5 ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-964cdxW5"]


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================