Medium5.5Cisco Updated
Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability
cisco-sa-te-agentfilewrite-tqUw3SMU Published Apr 15, 2026Updated by vendor Apr 15, 2026
CVE-2026-20161
Affected products & platforms
CiscoUnclassified
Summary
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system of an affected device.
Affected versions
- Scope: At the time of publication, this vulnerability affected Cisco ThousandEyes Enterprise Agent Linux Package installation type, regardless of device configuration.
- Release 1.2 and earlier (first fixed: 1.234.0)
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 1.2 and earlier: upgrade to 1.234.0.
Temporary workarounds
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.