HIGHAi
Verified
Global

Critical Cisco NX-OS Command Injection Affects Data Center Switches

·Source: Cisco PSIRT

Updated:

Executive Summary

Command injection in Cisco NX-OS CLI allows authenticated users to escalate to root on Nexus data center switches. PoC exploit published.

Analysis

CVE-2026-20356 is a command injection in the NX-OS CLI that allows an authenticated user with basic access to execute arbitrary commands as root. A public PoC exploit was published within 48 hours of Cisco disclosure. Affects Nexus 3000, 5000, 7000, and 9000 series switches — the backbone of many enterprise data centers.

Timeline

Discovered
Mar 4, 2026
Published
Mar 11, 2026
Patch Available
Mar 11, 2026

Indicators of Compromise (1)

CVE (1)
CVE-2026-20356
NVDMITRE CVE
Source Attribution

Originally published by Cisco PSIRT on Mar 11, 2026. Verified by: Cisco PSIRT, CISA.

Related Threats

MEDIUMAiNEW

Shifting Budget Dynamics for Identity Security and AI Agents

AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research shows the AI agent identity budget dynamics are very different than traditional IAM projects.

Dark Reading
MEDIUMAi

AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop

Digital.ai’s latest threat report warns that agentic AI has erased the distinction between emerging and primary targets, enabling attackers to strike mobile apps within hours of release across every industry. The post AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop appeared first on SecurityWeek .

SecurityWeek
MEDIUMAi

1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials

1Password says AI coding agents should never hold persistent secrets, introducing a just-in-time credential model for OpenAI Codex designed to keep credentials out of prompts, code repositories, and model context. The post 1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials appeared first on SecurityWeek .

SecurityWeek