🔴 Critical  |  Source: CISA Known Exploited Vulnerabilities


A server-side request forgery (SSRF) vulnerability in Cisco Unified Communications Manager (Unified CM and Unified CM SME) allows an unauthenticated remote attacker to write arbitrary files to the underlying operating system. These planted files could subsequently be leveraged to escalate privileges to root, giving an attacker full control of the system. CISA has added this to its Known Exploited Vulnerabilities catalogue, indicating active exploitation in the wild.

Security Architect’s Take: Prioritise patching Cisco Unified CM and Unified CM SME instances before the CISA remediation deadline of 28 June 2026. In the interim, restrict external network access to these systems at the perimeter or via firewall rules to reduce exposure to unauthenticated remote attackers.

Original advisory: CVE-2026-20230: Cisco Unified Communications Manager