Critical Cisco IMC Authentication Bypass Allows Remote Administrative Takeover

Cisco patched a critical authentication bypass (CVE-2026-20093) in its Integrated Management Controller that allows unauthenticated attackers to gain Admin access by changing passwords via crafted HTTP requests.