🔴 Critical | Source: The Hacker News
A critical vulnerability in Cisco Unified Communications Manager (CVE-2026-20230, CVSS 8.6) allows unauthenticated remote attackers to write arbitrary files, potentially leading to root-level compromise. A public proof-of-concept exploit has accelerated active exploitation by threat actors. This affects both Unified CM and Unified CM SME, which are widely deployed enterprise telephony and call management platforms.
Security Architect’s Take: Apply Cisco’s patch immediately and restrict HTTP access to Unified CM management interfaces via firewall rules or network segmentation — do not expose these systems to the internet. Audit logs for unexpected file creation or HTTP requests matching the exploit pattern as indicators of compromise.
Original advisory: Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root