In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw
ID: 54363c50-c21b-59c1-ba0b-f8d575e146c1
STIX ID: report--54363c50-c21b-59c1-ba0b-f8d575e146c1
Feed Name: Dark Reading
Attackers are actively exploiting CVE-2026-20230, an SSRF/input-validation flaw in Cisco Unified Communications Manager WebDialer, to deploy malicious Axis services and JSP web shells that enable remote code execution and privilege escalation to root. A public PoC and full exploit chain were released and weaponized within 24 hours, with researchers observing exploitation activity against decoy systems; Cisco has released patches and urged immediate mitigation or disabling of WebDialer.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
