CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild

Cisco patched a critical remote code execution vulnerability (CVE-2026-20045) in Unified CM, SME, IM&P, Unity Connection, and Webex Calling Dedicated Instance that allows attackers to execute commands and escalate to root; the flaw is being actively exploited in the wild, has no workaround, and was added to CISA's Known Exploited Vulnerabilities catalog, prompting urgent patching.