The hits keep on coming for Cisco vulnerabilities
ID: 62fd2e12-4750-5244-9658-90f1ad4e4aad
STIX ID: report--62fd2e12-4750-5244-9658-90f1ad4e4aad
Feed Name: The Register (Security)
Two Cisco vulnerabilities are being actively exploited in the wild: CVE-2026-20230 (a WebDialer SSRF in Unified Communications Manager used to deploy a rogue Axis service and JSP file-writers) and CVE-2026-20245 (an SD-WAN zero-day that attackers used to escalate a compromised admin account to root, create a persistent 'troot' account, and exfiltrate SD‑WAN fabric configurations). Security firms Defused and Mandiant observed exploitation activity, including abuse of SD‑WAN peering/SSH for initial access and crafted payload uploads, posing significant risk to network visibility and long-term espionage on affected environments.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
