CVE‑2026‑20230 in Cisco Unified CM: PoC Published — Patch Now or Disable WebDialer

Colleagues, a SSRF in Cisco Unified Communications Manager (CVE‑2026‑20230) has a public PoC. An unauthenticated request can write files to the OS and lead to root escalation. Reported by an independent researcher with SSD Secure Disclosure; Cisco has not observed widespread exploitation. Mitigation: check WebDialer status in Control Center — 'Started' indicates exposure. Disable WebDialer or apply the patch: 14SU6 for 14.x; for 15.x use the interim COP until 15SU5 (Sept 2026). PoC shortens the exploitation window — prioritize securing your deployments. How will you respond? #cybersecurity #Cisco #vulnerabilities #infosec


Latest comments
No comments yet.