I had to patch my ACS 5.2 server couple of times & thought of describing the process here. First of all you need to download the correct patch from Cisco web site. You can find that via  Products->Security->Access Control and Policy->Policy and Access Management->Cisco Secure Access Control System or via this direct link. You should have valid CCO account & ACS product purchased from Cisco with valid contract.ACS-Patching-01

In my case I have downloaded latest patch “5-2-0-26-11.tar.gpg” for my ACS 5.2 server. You need to create a software repository on your ACS before copying this file onto it. You can do this via “System Administration > Operations > Software Repositories” . Here is the screenshot of my software repository created for this.ACS-Patching-02

You can choose multiple protocols, but I selected FTP after doing quick search on web. Lots of users reporting TFTP did not work properly, etc. Here is the complete list of values you can choose from.ACS-Patching-03

I used free FTP server (called FileZilla) installed on my laptop, while creating username password for ACS to talk to it. Then you can install the patch into ACS server by issuing “acs patch install <filename> repository <repository-name> ” CLI command. Here is the screenshot of my file transfer.ACS-Patching-04

You can verify the progress on ACS CLI as well. You should see something similar to this.ACS-Patching-05

Once patch installed you can verify the application status by “show application status acs”  & “show version” CLI commands. Below screenshot confirmed application is running correctly.ACS-Patching-06

If you are using GUI you can confirm the same by clicking “About” button on the ACS admin page