๐ฅ This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2026-20230: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
Summary
Cisco Unified Communications Manager contains an SSRF vulnerability (server-side request forgery, where an attacker tricks the server into making requests on their behalf) that allows unauthenticated remote attackers to write files to the operating system, potentially leading to root-level access. This vulnerability is currently being exploited in real attacks. The vulnerability affects both standard Unified CM and Unified CM SME (Session Management Edition) versions.
Solution / Mitigation
Apply mitigations in accordance with vendor instructions from Cisco at https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-cucm-ssrf-cXPnHcW.html, ensuring compliance with CISA's BOD 26-04 guidance. For cloud services, follow applicable BOD 26-04 guidance or discontinue use of the product if mitigations are unavailable. Stakeholders must evaluate each asset's internet exposure and ensure adherence to BOD 26-04 patching guidelines by the due date of 2026-06-28.
Vulnerability Details
EPSS: 34.2%
Yes
๐ฅ Actively Exploited
June 24, 2026
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-20230
First tracked: June 25, 2026 at 08:00 PM
Classified by LLM (prompt v3) ยท confidence: 95%