logo

In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw

ID: 54363c50-c21b-59c1-ba0b-f8d575e146c1

STIX ID: report--54363c50-c21b-59c1-ba0b-f8d575e146c1

Feed Name: Dark Reading

Threat Score
88/100

Date Published: 2026-06-25

Date Updated: 2026-06-26

Author: Jai Vijayan

...
...

Attackers are actively exploiting CVE-2026-20230, an SSRF/input-validation flaw in Cisco Unified Communications Manager WebDialer, to deploy malicious Axis services and JSP web shells that enable remote code execution and privilege escalation to root. A public PoC and full exploit chain were released and weaponized within 24 hours, with researchers observing exploitation activity against decoy systems; Cisco has released patches and urged immediate mitigation or disabling of WebDialer.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.