Dark Reading ·EN Restricted
In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw
CVE Tools coverage
In under 24 hours of proof-of-concept release, attackers started actively exploiting a critical Cisco Unified Communications Manager (CUCM) vulnerability to obtain root access. The issue, tracked as CVE-2026-20230, is an unauthenticated SSRF input validation flaw affecting Cisco Unified CM and Unified CM SME deployments when the WebDialer service is enabled. This matters because public exploit chains have been observed in the wild, enabling attackers to deploy web shells and escalate privileges on exposed systems; Cisco issued fixes on June 3 and organizations should patch or disable WebDialer if not required.