Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability

Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability
Cisco confirmed that CVE-2026-20230 in Unified CM and Unified CM SME is being actively exploited in the wild, after initially warning that proof-of-concept code existed but no malicious use had been seen. The flaw affects systems with WebDialer enabled and could allow SSRF attacks that lead to arbitrary file writes and potential root access. #Cisco #UnifiedCM #UnifiedCMSME #CVE202620230 #WebDialer

Keypoints

  • Cisco confirmed in-the-wild exploitation of CVE-2026-20230.
  • The flaw is an improper HTTP request validation issue that can enable SSRF attacks.
  • Successful exploitation may allow arbitrary files to be dropped on the operating system.
  • Attackers could use the file write capability to gain root access.
  • Only appliances with WebDialer enabled are vulnerable, and Cisco urges immediate upgrades.

Read More: https://www.securityweek.com/cisco-confirms-in-the-wild-exploitation-of-unified-cm-vulnerability/