bleeping-computer · Crawled Jul 5, 2026
Cisco finally confirms attackers exploiting Unified CM flaw
Read original article ↗AI Summary
Cisco has confirmed active exploitation of a critical vulnerability (CVE-2026-20230) in its Unified Communications Manager (Unified CM) software. The flaw allows unauthenticated attackers to perform server-side request forgery (SSRF) attacks via crafted HTTP requests. Cisco urges customers to apply patches immediately or disable the vulnerable WebDialer service as a mitigation. The vulnerability follows a trend of repeated security issues in Cisco Unified CM devices.
AI-extracted · verify before operational use
No entities or IoCs were extracted from this article.