logo

Cisco Confirms Active Exploitation of Unified CM Vulnerability CVE-2026-20230

ID: d12e8b07-66c2-53a4-91c6-4c84cb994dd3

STIX ID: report--d12e8b07-66c2-53a4-91c6-4c84cb994dd3

Feed Name: ThreatCluster

Threat Score
75/100

Date Published: 2026-07-02

Date Updated: 2026-07-03

...
...

Cisco confirmed CVE-2026-20230 in Unified Communications Manager enables SSRF leading to arbitrary file creation on systems with the WebDialer service enabled; the issue was patched on 2026-06-03, active exploitation was reported on 2026-06-22, and CISA declared it exploited in the wild. Cisco urges upgrades to fixed versions 14SU6/15SU5 and provides mitigations; approximately 200 instances remain exposed online, concentrated in Asia and North America.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.