CVE-2026-20230
Description
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root. Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
26- Cisco finally confirms attackers exploiting Unified CM flawBleepingComputer · Jul 2, 2026
- Cisco Confirms In-the-Wild Exploitation of Unified CM VulnerabilitySecurityWeek · Jul 2, 2026
- Week in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploitedHelp Net Security · Jun 28, 2026
- CISA sets urgent deadline to fix Cisco flaw exploited in attacksBleepingComputer · Jun 26, 2026
- The Good, the Bad and the Ugly in Cybersecurity – Week 26SentinelOne Labs · Jun 26, 2026
- CISA Warns of Cisco Unified CM Vulnerability Exploited in AttacksCyber Security News · Jun 26, 2026
- In Less Than 24 Hours, Attackers Weaponize Cisco CUCM FlawDark Reading · Jun 25, 2026
- Cisco SD-WAN Zero-Day Exploited Months Before PatchingSecurityWeek · Jun 25, 2026
- Cisco CVE-2026-20230 Added to CISA KEV Under Active ExploitationVypr Intelligence · Jun 25, 2026
- The hits keep on coming for Cisco vulnerabilitiesThe Register Security · Jun 24, 2026
- Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)Help Net Security · Jun 24, 2026
- Critical Cisco Unified CM and SME Flaw Enables Remote Attacker to Launch SSRF AttacksCyber Security News · Jun 24, 2026
- Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to RootThe Hacker News · Jun 24, 2026
- Hackers Exploiting Cisco Unified CM VulnerabilitySecurityWeek · Jun 24, 2026
- Cisco Unified CM flaw CVE-2026-20230 now exploited in attacksBleepingComputer · Jun 23, 2026
- 8th June – Threat Intelligence ReportCheck Point Research · Jun 8, 2026
- ⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and MoreThe Hacker News · Jun 8, 2026
- Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch AvailableThe Hacker News · Jun 6, 2026
- Yet another Cisco SD-WAN 0-day under attack, and no patch in sightThe Register Security · Jun 5, 2026
- Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes PublicThe Hacker News · Jun 4, 2026
- ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New StoriesThe Hacker News · Jun 4, 2026
- Cisco warns of critical Unified CM flaw with PoC exploit codeBleepingComputer · Jun 4, 2026
- Cisco Unified Communications Manager Vulnerability Exposed Along With PoC Exploit CodeCyber Security News · Jun 4, 2026
- Cisco Warns of Available PoC for Critical Unified CM VulnerabilitySecurityWeek · Jun 4, 2026
- Cisco Discloses Three Vulnerabilities: SSRF, XSS, and Arbitrary File LoadVypr Intelligence · Jun 3, 2026
- CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA Alerts