Cisco has released patches for 15 security vulnerabilities, including critical flaws in its Webex and Identity Services Engine platforms. The most severe issue is in Webex single sign-on integration, which could allow unauthenticated attackers to impersonate any user due to improper certificate validation. Three critical vulnerabilities in Identity Services Engine could let authenticated attackers with limited privileges execute arbitrary commands and escalate to root access on the underlying operating system.