Cisco Unified CM SSRF root-privilege flaw (CVE-2026-20230)

Vulnerability
H score 24
1 unique source, 1 article

Summary

CVE-2026-20230 exposes Cisco Unified CM systems with WebDialer enabled to remote SSRF abuse that can lead to root-level compromise. The flaw can be triggered without privileges and with low complexity. Public proof-of-concept exploit code is available, but Cisco has not found evidence of active exploitation.

Related Happenings

CISA orders FCEB remediation for CVE-2025-60710

Public Sector Action
First: 15.04.2026 17:51 Last: 15.04.2026 17:51 Sources 1

About this happening: CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...

CISA urgent mitigation order for Cisco FMC CVE-2026-20131

Advisory/Mitigation
First: 23.03.2026 12:30 Last: 23.03.2026 12:30 Sources 1

About this happening: **CISA** ordered **federal civilian agencies** to patch **CVE-2026-20131** in **Cisco Secure Firewall Management Center (FMC)** within **three days** or discontinue use if mitigat...

Cisco Catalyst SD-WAN active exploitation wave

Exploitation Wave
First: 05.03.2026 14:15 Last: 05.03.2026 14:15 Sources 1

About this happening: **Cisco** confirmed **active exploitation** of **two recently patched Catalyst SD-WAN vulnerabilities**, creating immediate risk for exposed systems that have not been fully remed...

Cisco Unified Communications RCE zero-day (CVE-2026-20045)

Vulnerability
First: 22.01.2026 00:16 Last: 22.01.2026 00:16 Sources 1

About this happening: Cisco has **fixed CVE-2026-20045**, a **critical RCE zero-day** in **Cisco Unified Communications** and **Webex Calling** products that was **actively exploited** in attacks. The...

Cisco IOS XE BadCandy exploitation wave

Exploitation Wave
First: 31.10.2025 17:38 Last: 31.10.2025 17:38 Sources 1

About this happening: Ongoing **BadCandy** exploitation of **unpatched Cisco IOS XE devices** in **Australia** has left **over 150 devices** compromised and enabled repeat re-infection on previously al...

Timeline

  1. 04.06.2026 14:09 2 articles · 1h ago

    Cisco releases Unified CM fixes for CVE-2026-20230

    Initial Disclosure

    Cisco released security updates for Cisco Unified Communications Manager (Unified CM) to address CVE-2026-20230, a critical SSRF flaw that can let a remote unauthenticated attacker write files and later elevate to root when the WebDialer service is enabled. Cisco PSIRT says public proof-of-concept exploit code is available but has not found evidence of active exploitation or targeting. Administrators are advised to install Unified CM 14SU6 or 15SU5, or disable Cisco WebDialer Web Service until a patch is applied.