Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw

Switchzilla says attackers could access sensitive data and make configuration changes across tenant boundaries through vulnerable internal APIs

Cisco has disclosed yet another perfect 10 vulnerability, this time warning that unauthenticated attackers could gain Site Admin privileges in its Secure Workload platform simply by sending crafted API requests to vulnerable systems.The bug, tracked as CVE-2026-20223, earned the full 10.0 CVSS treatment and affects Cisco Secure Workload Cluster Software in both SaaS and on-prem environments. According to Cisco's barebones advisory, the issue boils down to weak validation and authentication checks in internal REST API endpoints.In practical terms, that means attackers don't require credentials, user interaction, or any significant effort to exploit the bug. Cisco said a successful attack could allow remote attackers to "read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user."

Cross-tenant bugs tend to make cloud customers especially twitchy because they undermine one of the core assumptions of multi-tenant infrastructure: namely that somebody else's compromise is not supposed to become your problem.

Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw

Other newsrooms on this story

Related reading

Cisco Patches Critical Vulnerability in Secure Workload

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Max severity Cisco Secure Workload flaw gives Site Admin privileges

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

Emergency Cisco Critical 0Day Update—Attackers Downgrade Security

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks