The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified CM SME deployments.

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks.

CVE-2026-20230, a recently patched vulnerability affecting Cisco’s Unified Communications Manager, is being exploited in attacks.

Cisco Unified CM CVE-2026-20230 is under active exploitation, allowing file writes on WebDialer-enabled systems.

New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on…

Researchers believe rogue peering was used to connect to the victim's SD-WAN devices to gain admin privileges and root-level access.

CVE-2026-20230 under exploitation, while an earlier SD-WAN 0-day looks even worse than we thought

Mandiant says CVE-2026-20245 was exploited as a Cisco SD-WAN zero-day to escalate admin access to root on a provider network.

Mandiant details exploitation of CVE-2026-20245, a Cisco Catalyst SD-WAN vulnerability exploited as a zero-day months prior to disclosure.

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified CM SME deployments.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a vulnerability in Cisco Unified Communications Manager Server…