Cisco Patches Critical Vulnerability in Secure Workload

Cisco on Wednesday announced patches for a critical-severity vulnerability in Secure Workload that could allow attackers to access site resources with Site Admin privileges.

The flaw, tracked as CVE-2026-20223 (CVSS score of 10/10), exists due to insufficient validation and authentication in the REST API endpoints.

“An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint,” Cisco notes in its advisory.

Successful exploitation of the security defect allows an attacker to read sensitive information and modify configurations across tenant boundaries, with Site Admin privileges.

“This vulnerability affects Cisco Secure Workload Cluster Software on SaaS and on-prem deployments, regardless of device configuration. This vulnerability affects only internal REST APIs and does not affect the web-based management interface,” Cisco explains.

Cisco Patches Critical Vulnerability in Secure Workload

Other newsrooms on this story

Related reading

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Other newsrooms on this story

Related reading

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Max severity Cisco Secure Workload flaw gives Site Admin privileges

Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin…

Cisco stopft Sicherheitsleck mit Höchstwertung in Secure Workload