CVE-2026-20161 MEDIUM

CVE-2026-20161: Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability

Vendor Cisco
Product Cisco ThousandEyes Enterprise Agent
Weakness CWE-59
Published April 15, 2026
Last update April 15, 2026

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system of an affected device. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to bypass file system permissions and overwrite arbitrary files on the affected device.

Key dates

02Disclosure timeline

April 15, 2026 CVE published
April 15, 2026 Record updated