Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Cisco Webex Services improper certificate validation in SSO security flaw (CVE-2026-20184)

Vulnerability
First reported
Last updated
Happening score
H score 0
1 unique sources, 1 articles

Summary

Hide ▲

CVE-2026-20184 in Cisco Webex Services exposed the SSO integration with Control Hub to remote, no-privilege impersonation risk, creating unauthorized-access exposure through a crafted token. Cisco has already fixed the flaw in the service, but affected customers must upload a new SAML certificate to keep SSO working. Cisco also said there was no evidence of exploitation in attacks.

Related Happenings

Cisco ISE and ISE-PIC input-validation RCE (CVE-2026-20147)

Vulnerability
First: 16.04.2026 14:27 Last: 16.04.2026 14:27 Sources 1

About this happening: Cisco's **CVE-2026-20147** flaw in **Identity Services Engine (ISE)** and **ISE-PIC** can let authenticated admins reach **remote code execution** by sending **crafted HTTP reques...

Open Happening

Cisco hit by cyberattack

Incident
First: 31.03.2026 20:53 Last: 31.03.2026 20:53 Sources 1

About this happening: The **Cisco** incident is a **cyberattack** on its **internal development environment** that exposed **source code** and **credentials**. Attackers used stolen credentials linked...

Open Happening

CISA urgent mitigation order for Cisco FMC CVE-2026-20131

Advisory/Mitigation
First: 23.03.2026 12:30 Last: 23.03.2026 12:30 Sources 1

About this happening: **CISA** ordered **federal civilian agencies** to patch **CVE-2026-20131** in **Cisco Secure Firewall Management Center (FMC)** within **three days** or discontinue use if mitigat...

Open Happening

Interlock Cisco Secure Firewall Management Center zero-day exploitation wave

Exploitation Wave
First: 18.03.2026 18:53 Last: 18.03.2026 18:53 Sources 1

About this happening: A **zero-day exploitation wave** tied to **Interlock** has been hitting **Cisco Secure Firewall Management Center (FMC)**, putting **enterprise firewalls** at risk before patching...

Open Happening

Cisco Catalyst SD-WAN active exploitation wave

Exploitation Wave
First: 05.03.2026 14:15 Last: 05.03.2026 14:15 Sources 1

About this happening: **Cisco** confirmed **active exploitation** of **two recently patched Catalyst SD-WAN vulnerabilities**, creating immediate risk for exposed systems that have not been fully remed...

Open Happening

Timeline

  1. 16.04.2026 15:01 2 articles · 1mo ago

    Cisco releases Webex Services fix and SAML certificate guidance

    Mitigation Patch Update

    Cisco released security updates for CVE-2026-20184 in Webex Services, fixing an improper certificate validation flaw in the SSO integration with Control Hub that could let remote attackers with no privileges impersonate any user and gain unauthorized access. Cisco said customers who use SSO must upload a new SAML certificate for their identity provider to Control Hub to avoid service interruption, and PSIRT reported no evidence that the flaw had been exploited in attacks.

    Show sources
    Open in new tab