CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

Hackers Targeting Cisco Unified CM Zero-Day

Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution. The post Hackers Targeting Cisco Unified CM Zero-Day appeared first on SecurityWeek.

Cisco vulnerability exploited

Cisco on Wednesday announced patches for yet another zero-day vulnerability targeted by threat actors.

The flaw, tracked as CVE-2026-20045 and classified as critical, affects several of Cisco’s unified communications products, including Cisco Unified Communications Manager (CM) and its Session Management Edition (SME), Unified CM IM & Presence Service, Unity Connection, and Webex Calling Dedicated Instance.

According to Cisco, a remote, unauthenticated attacker can exploit CVE-2026-20045 to execute malicious commands on the underlying OS of the device.

The zero-day, reported to the vendor by unnamed external researchers, can be exploited by sending specially crafted HTTP requests to the targeted instance’s web-based management interface. 

“A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root,” Cisco explained.

There does not appear to be any public information on the attacks targeting CVE-2026-20045. Cisco noted in its advisory that it is “aware of attempted exploitation of this vulnerability in the wild”.

The cybersecurity-focused internet search engine Hunter is currently showing roughly 1,300 internet-exposed instances of Cisco Unified CM, nearly half in the United States.

The cybersecurity agency CISA has added CVE-2026-20045 to its Known Exploited Vulnerabilities (KEV) catalog, instructing federal agencies to address it by February 11. 

CISA’s KEV catalog currently includes roughly 80 Cisco product vulnerabilities exploited in the wild over the past decade. Eight Cisco flaws were added to the agency’s ‘must patch’ list in the past year. 

One of the most recent is CVE-2025-20393, a Secure Email Gateway issue that has been exploited in attacks by a China-linked APT. It took the networking giant several weeks to release patches after the public disclosure of the zero-day.

Related: Hackers Target Cisco Smart Licensing Utility Vulnerabilities

Related: Cisco Routers Hacked for Rootkit Deployment

Related: Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

Latest News

CYBERNEWSMEDIAPublisher