Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access

Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access

Posted on By CWS

Cisco has disclosed a vital zero-day distant code execution (RCE) vulnerability, CVE-2026-20045, actively exploited within the wild.

Affecting key Unified Communications merchandise, this flaw permits unauthenticated attackers to run arbitrary instructions on the underlying OS, doubtlessly gaining root entry.

The Cisco Product Safety Incident Response Group (PSIRT) confirmed exploitation makes an attempt and urged fast patching.

The problem stems from improper validation of user-supplied enter in HTTP requests to the web-based administration interface. An attacker sends crafted HTTP requests that bypass authentication, execute instructions on the consumer stage, after which escalate privileges to root. Cisco rated it Crucial by way of Safety Affect Ranking (SIR), overriding the CVSS rating as a result of root-level dangers.

No workarounds exist. Exploitation requires community entry to the administration interface, widespread in enterprise VoIP setups uncovered by way of firewalls or VPNs.

Affected Merchandise

This vulnerability impacts these Cisco merchandise no matter configuration:

ProductBug IDUnified CMCSCwr21851Unified CM SMECSCwr21851Unified CM IM&PCSCwr29216Unity ConnectionCSCwr29208Webex Calling Devoted InstanceCSCwr21851

Merchandise like Contact Heart SIP Proxy, Unified CCE, and others are confirmed unaffected. Examine the advisory for full particulars.

Fastened Releases and Patches

Cisco launched updates and patches. Migrate or apply version-specific fixes; seek the advice of patch READMEs.

Unified CM, IM&P, SME, Webex Calling

Unity Connection

PSIRT validates solely listed releases.

Exploitation within the Wild

Cisco PSIRT detected real-world exploits concentrating on unpatched techniques. Attackers doubtless leverage automated scanners for uncovered interfaces. Enterprises working susceptible VoIP/UC deployments face excessive threat, particularly in hybrid work environments.

Apply patches instantly. Limit administration interface to trusted IPs by way of firewalls. Monitor logs for anomalous HTTP requests. CISA added this to the Identified Exploited Vulnerabilities quickly.

An exterior researcher reported the flaw; Cisco credited them within the advisory. Keep vigilant: zero-day vulnerabilities like CVE-2026-20045 underscore UC platform dangers amid rising RCE traits.

Comply with us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , , , , ,

Related Posts

Microsoft Teams to Enforce Messaging Safety Defaults Starting January 2026 Microsoft Teams to Enforce Messaging Safety Defaults Starting January 2026 Cyber Security News
New WireTap Attack Break Server SGX To Exfiltrate Sensitive Data New WireTap Attack Break Server SGX To Exfiltrate Sensitive Data Cyber Security News
New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Cyber Security News
Rise in Phishing Activity Using Spoofed SharePoint Domains With Sneaky2FA Techniques Rise in Phishing Activity Using Spoofed SharePoint Domains With Sneaky2FA Techniques Cyber Security News
NCSC Warns of ‘UMBRELLA STAND’ Malware Attacking Fortinet FortiGate Firewalls NCSC Warns of ‘UMBRELLA STAND’ Malware Attacking Fortinet FortiGate Firewalls Cyber Security News
Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control Cyber Security News