Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Cisco Unified Communications Manager security update for CVE-2026-20230

Security Patch Release
First reported
Last updated
Happening score
H score 47
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released security updates for Cisco Unified Communications Manager (Unified CM) to fix CVE-2026-20230, a critical flaw that could let a remote attacker reach root privileges. The update matters because Cisco says public proof-of-concept exploit code is available even though it has not seen active exploitation. Administrators are being told to install 14SU6 or 15SU5 or disable Cisco WebDialer Web Service until patching is complete.

Related Happenings

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Open Happening

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Open Happening

Cisco security patch release for CVE-2026-20184

Security Patch Release
First: 16.04.2026 14:27 Last: 16.04.2026 14:27 Sources 1

About this happening: **Cisco** released patches for **four critical flaws** affecting **Identity Services Engine (ISE)**, **ISE-PIC**, and **Webex Services**, closing paths to **arbitrary code executi...

Open Happening

TP-Link security patch release for CVE-2025-15517

Security Patch Release
First: 25.03.2026 13:11 Last: 25.03.2026 13:11 Sources 1

About this happening: **TP-Link** released **security updates** for its **Archer NX** router series to close a critical authentication-bypass flaw that could let attackers upload firmware without loggi...

Open Happening

CISA urgent mitigation order for Cisco FMC CVE-2026-20131

Advisory/Mitigation
First: 23.03.2026 12:30 Last: 23.03.2026 12:30 Sources 1

About this happening: **CISA** ordered **federal civilian agencies** to patch **CVE-2026-20131** in **Cisco Secure Firewall Management Center (FMC)** within **three days** or discontinue use if mitigat...

Open Happening

Timeline

  1. 04.06.2026 14:09 2 articles · 1h ago

    Cisco releases updates for critical Unified CM SSRF flaw

    Initial Disclosure

    Cisco released security updates for Cisco Unified Communications Manager (Unified CM) to address CVE-2026-20230, a critical server-side request forgery (SSRF) flaw that can let an unauthenticated remote attacker write files and potentially elevate to root on affected systems with WebDialer enabled. Cisco says publicly available proof-of-concept exploit code exists, but it has not found evidence of active exploitation or targeting, and it recommends installing Unified CM 14SU6 or 15SU5 or disabling Cisco WebDialer Web Service until patching is complete.

    Show sources
    Open in new tab