
Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges


Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely.

Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, affecting Unified CM and Unified CM SME. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without authentication to perform server-side request forgery (SSRF) attacks. Cisco warns that public PoC code is available and that successful exploitation could allow attackers to write files that may later be used to gain root privileges.

“This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device.” reads the advisory. “A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root.”

Cisco rated this advisory as Critical instead of High because successful exploitation could allow an attacker to escalate privileges to root. However, the risk depends on configuration: the vulnerability can only be exploited if the WebDialer service is enabled, which is disabled by default on affected systems.

There is no full workaround for this vulnerability. The networking giant recommends mitigating risk by disabling the WebDialer service until a patch is applied. Administrators can do this through the Unified CM Administration interface by going to Unified Serviceability, opening Service Activation under Tools, and unchecking the WebDialer Web Service option in the CTI Services section before saving the changes.

Below are the fixed releases:

Cisco Unified CM and Unified CM SME Release | First Fixed Release
14 | 14SU6
15 | 15SU5 (Sep 2026) or COP1
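As an added illustration that is not part of the original article or of any Cisco tooling, the following script combines the fixed-release table above with the WebDialer condition described earlier to triage an inventory of Unified CM nodes. It assumes release strings are recorded in the advisory's "<train>SU<n>" form, that the interim COP1 fix for release 15 is tracked as a separate flag, and that the hostnames and states in the sample inventory are constructed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# First fixed Service Update per release train, taken from the advisory table.
# Release 15 is also fixed by the interim COP1 file, handled via a flag below.
FIRST_FIXED_SU = {14: 6, 15: 5}

# Assumed inventory format: "14SU6", "15SU4", or a bare train such as "15".
_VERSION_RE = re.compile(r"^(?P<train>\d+)(?:SU(?P<su>\d+))?$", re.IGNORECASE)

def parse_version(version: str):
    """Parse '<train>SU<n>' into (train, su); a bare train counts as SU0."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised release string: {version!r}")
    return int(m["train"]), int(m["su"] or 0)

def is_fixed(version: str, cop1_applied: bool = False) -> Optional[bool]:
    """True if the release carries the fix, False if not, None if the train
    is not covered by the advisory table at all."""
    train, su = parse_version(version)
    if train not in FIRST_FIXED_SU:
        return None
    if train == 15 and cop1_applied:
        return True
    return su >= FIRST_FIXED_SU[train]

@dataclass
class Node:
    name: str
    version: str
    webdialer_enabled: bool   # the service must be enabled for exploitation
    cop1_applied: bool = False

def triage(node: Node) -> str:
    fixed = is_fixed(node.version, node.cop1_applied)
    if fixed is None:
        return "review: train not listed in advisory"
    if fixed:
        return "patched"
    if not node.webdialer_enabled:
        return "mitigated: WebDialer disabled, patch pending"
    return "EXPOSED: unpatched with WebDialer enabled"

# Constructed sample inventory (hypothetical hostnames and states).
SAMPLE = [
    Node("cucm-pub-01", "14SU5", webdialer_enabled=True),
    Node("cucm-sub-02", "14SU6", webdialer_enabled=True),
    Node("cucm-sme-01", "15SU4", webdialer_enabled=False),
    Node("cucm-sub-03", "15SU4", webdialer_enabled=True, cop1_applied=True),
    Node("cucm-old-01", "12SU3", webdialer_enabled=True),
]

def triage_all(nodes=SAMPLE) -> dict:
    return {n.name: triage(n) for n in nodes}

if __name__ == "__main__":
    for name, verdict in triage_all().items():
        print(f"{name}: {verdict}")
```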

The company confirms that PoC exploit code for the vulnerability is publicly available. However, the PSIRT is not aware of attacks in the wild exploiting this issue.

“The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory,” concludes the advisory. “The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.”


Pierluigi Paganini

(SecurityAffairs – hacking, Cisco)