Attackers exploit Cisco Unified CM flaw weeks after patch release
A critical Cisco Unified CM vulnerability is now under active exploitation, weeks after the company issued patches warning it could allow attackers to gain root access.
A critical Cisco Unified CM vulnerability is now under active exploitation, weeks after the company issued patches warning it could allow attackers to gain root access.
The short version
- Threat intelligence firm Defused reported the exploitation on June 23.
- The company said it observed the activity over the weekend.
- “This is currently being exploited from a single source using an unvetted PoC, with genuinely-formatted file:// file-write payloads landing on our decoys,” Defused said on X .
- The flaw is tracked as CVE-2026-20230 and carries a CVSS base score of 8.6.
What happened
Threat intelligence firm Defused reported the exploitation on June 23. The company said it observed the activity over the weekend.
Why it matters
Cisco published the advisory and patches on June 3, when it stated it was not aware of any malicious use of the vulnerability at the time of disclosure.
Summary by Nerd News Network. Read the full article at Network World via the links above and below.