Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability

Monitor | CVSS 6.1 | cisco-sa-iosxe_infodis-6J847uEB | Mar 25, 2026
Cisco
IT in OT - Cisco networking products are commonly deployed in OT environments
Attack path
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: Required
Summary

A vulnerability in Cisco IOS XE Software Secure Channel for Meraki allows remote attackers to view sensitive device configuration information through an insecure tunnel used for device configuration uploads to Cisco Meraki Dashboard. An attacker positioned on the network path between the affected device and the Meraki Dashboard could intercept and read confidential information such as configuration data. Affected versions are IOS XE 17.14.1 through 17.18.1w. Cisco has released software updates to fix this issue.

What this means
What could happen
An attacker positioned between your Meraki-enabled router and the Cisco Meraki Dashboard could intercept and read sensitive device configuration data that would normally be kept private, such as credentials, network settings, and system details.
Who's at risk
Network operators managing Cisco IOS XE devices connected to Cisco Meraki Dashboard should care about this issue. It affects Meraki-managed routers and switches that upload configuration data to the Meraki cloud dashboard. If your site uses Meraki management, your devices are at risk.
How it could be exploited
An attacker performs a man-in-the-middle (on-path) attack against the network traffic between the affected Cisco IOS XE device and the Meraki Dashboard. Because the device configuration upload happens over an insecure tunnel, the attacker can capture and decrypt the confidential information flowing through that channel.
Prerequisites
  • Network position on the path between the affected device and Cisco Meraki Dashboard (man-in-the-middle capability)
  • Device running affected Cisco IOS XE versions communicating with Meraki Dashboard
remotely exploitable | low complexity | requires network position between device and Meraki cloud
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (1)
Product | Affected Versions | Fix Status
Cisco IOS XE Software Secure Channel for Meraki | 17.14.1 through 17.18.1w | Fix available
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Cisco IOS XE Software to version 17.18.2w or later on all affected Meraki-enabled routers
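
To turn the affected range and fix version above into a patch list, here is an added example (not code from Cisco or from this page) that triages a device inventory against the bounds the page states. Assumptions: the inventory, hostnames and status labels are constructed, and the release-string ordering rule is the one noted in the code; releases the page does not place, such as those between 17.18.1w and 17.18.2w, are flagged for manual review rather than guessed.

```python
import re

# Bounds exactly as stated in the advisory text.
FIRST_AFFECTED = "17.14.1"
LAST_AFFECTED = "17.18.1w"
FIRST_FIXED = "17.18.2w"

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]*)$")


def version_key(text):
    """Sortable tuple for a release string, or None if it does not parse.
    Assumption: fields compare numerically (17.09.04a equals 17.9.4a) and
    a bare release sorts before any lettered rebuild of the same release.
    """
    match = _VERSION.match(text.strip().lower())
    if match is None:
        return None
    major, minor, maint, letters = match.groups()
    return (int(major), int(minor), int(maint), letters)


def classify(version, meraki_managed):
    """Triage one device against the advisory's stated range."""
    if not meraki_managed:
        return "out-of-scope"  # device has no channel to Meraki Dashboard
    key = version_key(version)
    if key is None:
        return "review"        # unparseable string, check by hand
    if key >= version_key(FIRST_FIXED):
        return "fixed"
    if key > version_key(LAST_AFFECTED):
        return "review"        # gap between last affected and first fixed
    if key >= version_key(FIRST_AFFECTED):
        return "affected"
    return "not-listed"        # older than the range the page gives


# Constructed inventory: (hostname, running version, Meraki-managed?)
INVENTORY = [
    ("plant-rtr-01", "17.15.1a", True),
    ("plant-rtr-02", "17.18.1w", True),
    ("plant-sw-03", "17.18.2w", True),
    ("plant-sw-04", "17.12.4", True),
    ("plant-rtr-05", "17.18.2", True),
    ("lab-rtr-06", "17.16.1", False),
]
for host, version, managed in INVENTORY:
    print(f"{host:13} {version:9} {classify(version, managed)}")
```

Devices reported as "review" or "not-listed" should be checked against the vendor advisory cisco-sa-iosxe_infodis-6J847uEB before being closed out.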

Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability | CVSS 6.1 - OTPulse