Cyberattacks Exploiting Cisco Unified CM Vulnerability: CVE-2026-20230 Under Fire

Quick answer
Threat actors have begun actively exploiting the critical SSRF vulnerability CVE-2026-20230 in Cisco Unified Communications Manager.
Cisco has confirmed that threat actors are actively exploiting a critical vulnerability in its Unified Communications Manager (Unified CM) platform. The flaw, identified as CVE-2026-20230, is classified as a Server-Side Request Forgery (SSRF) vulnerability and enables remote attackers to execute arbitrary code without prior authentication.
This vulnerability affects servers responsible for managing corporate voice and video communications. Successful exploitation could grant attackers control over the system, allowing them to intercept sensitive data or disrupt infrastructure operations. Security experts report a rising number of incidents and urge administrators to update their software immediately.
While Cisco has released patches, many organizations have yet to apply them. Cybersecurity professionals recommend not only updating systems but also restricting external access to vulnerable servers and configuring traffic monitoring to detect suspicious activity.
The CVE-2026-20230 vulnerability has been assigned a high severity rating, underscoring the need for immediate action. Ignoring the threat could lead to severe consequences, including data breaches and failures in critical service operations.
Common questions
- What is CVE-2026-20230?
  - This is a critical SSRF vulnerability in Cisco Unified Communications Manager that allows remote attackers to execute arbitrary code without authentication. The flaw is already being actively exploited in real-world attacks.
- Which systems are at risk?
  - All unpatched versions of Cisco Unified CM are vulnerable. The flaw affects servers managing enterprise voice and video communications.
- How can organizations protect themselves?
  - Immediately install the security patches released by Cisco. Restrict external access to vulnerable systems and monitor network traffic for suspicious activity.