Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access

Posted on By CWS

Cisco has disclosed a vital zero-day distant code execution (RCE) vulnerability, CVE-2026-20045, actively exploited within the wild.

Affecting key Unified Communications merchandise, this flaw permits unauthenticated attackers to run arbitrary instructions on the underlying OS, doubtlessly gaining root entry.

The Cisco Product Safety Incident Response Group (PSIRT) confirmed exploitation makes an attempt and urged fast patching.

The problem stems from improper validation of user-supplied enter in HTTP requests to the web-based administration interface. An attacker sends crafted HTTP requests that bypass authentication, execute instructions on the consumer stage, after which escalate privileges to root. Cisco rated it Crucial by way of Safety Affect Ranking (SIR), overriding the CVSS rating as a result of root-level dangers.

No workarounds exist. Exploitation requires community entry to the administration interface, widespread in enterprise VoIP setups uncovered by way of firewalls or VPNs.

Affected Merchandise

This vulnerability impacts these Cisco merchandise no matter configuration:

ProductBug IDUnified CMCSCwr21851Unified CM SMECSCwr21851Unified CM IM&PCSCwr29216Unity ConnectionCSCwr29208Webex Calling Devoted InstanceCSCwr21851

Merchandise like Contact Heart SIP Proxy, Unified CCE, and others are confirmed unaffected. Examine the advisory for full particulars.

Fastened Releases and Patches

Cisco launched updates and patches. Migrate or apply version-specific fixes; seek the advice of patch READMEs.

Unified CM, IM&P, SME, Webex Calling

Unity Connection

PSIRT validates solely listed releases.

Exploitation within the Wild

Cisco PSIRT detected real-world exploits concentrating on unpatched techniques. Attackers doubtless leverage automated scanners for uncovered interfaces. Enterprises working susceptible VoIP/UC deployments face excessive threat, particularly in hybrid work environments.

Apply patches instantly. Limit administration interface to trusted IPs by way of firewalls. Monitor logs for anomalous HTTP requests. CISA added this to the Identified Exploited Vulnerabilities quickly.

An exterior researcher reported the flaw; Cisco credited them within the advisory. Keep vigilant: zero-day vulnerabilities like CVE-2026-20045 underscore UC platform dangers amid rising RCE traits.

Comply with us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , , , , ,

Related Posts

New LNK Malware Uses Windows Binaries to Bypass Security Tools and Execute Malware Cyber Security News
BeyondTrust Tools RCE Vulnerability Let Attackers Execute Arbitrary Code Cyber Security News
NVIDIA NeMo Framework Vulnerabilities Allows Code Injection and Privilege Escalation Cyber Security News
Hackers Using New Matrix Push C2 to Deliver Malware and Phishing Attacks via Web Browser Cyber Security News
New Ghost-tapping Attacks Steal Customers’ Cards Linked to Services Like Apple Pay and Google Pay Cyber Security News
Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor Cyber Security News