Article Details
Scrape Timestamp (UTC): 2026-01-21 22:17:59.060
Original Article Text
Click to Toggle View
Cisco fixes Unified Communications RCE zero day exploited in attacks. Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as CVE-2026-20045, that has been actively exploited as a zero-day in attacks. Tracked as CVE-2026-20045, the flaw impacts Cisco Unified Communications Manager (Unified CM), Unified CM Session Management Edition (SME), Unified CM IM & Presence, Cisco Unity Connection, and Webex Calling Dedicated Instance. "This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device," warns Cisco's advisory. "A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root." While the vulnerability has a CVSS score of 8.2, Cisco assigned it a Critical severity rating, as exploitation leads to root access on servers. Cisco has released the following software updates and patch files to address the vulnerability: Cisco Unified CM, Unified CM IM&P, Unified CM SME, and Webex Calling Dedicated Instance Release: Cisco Unity Connection Release: The company says the patches are version specific, so the README should be reviewed before applying patches. Cisco's Product Security Incident Response Team (PSIRT) has confirmed that attempts to exploit the flaw have been observed in the wild, urging customers to upgrade to the latest software as soon as possible. The company also said there are no workarounds that can mitigate the flaw without installing updates. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-20045 to its Known Exploited Vulnerabilities (KEV) Catalog and given federal agencies until February 11, 2026, to deploy updates. Earlier this month, Cisco patched a Identity Services Engine (ISE) vulnerability with public proof-of-concept exploit code and a AsyncOS zero-day exploited since November. 7 Security Best Practices for MCP As MCP (Model Context Protocol) becomes the standard for connecting LLMs to tools and data, security teams are moving fast to keep these new services safe. This free cheat sheet outlines 7 best practices you can start using today.
Daily Brief Summary
Cisco has resolved a critical remote code execution vulnerability in its Unified Communications and Webex Calling platforms, identified as CVE-2026-20045, which was actively exploited in the wild.
The flaw affects multiple Cisco products, including Unified Communications Manager and Webex Calling Dedicated Instance, due to improper validation of user input in HTTP requests.
Successful exploitation could grant attackers root access to affected systems, posing significant security risks to organizations relying on these communication tools.
Cisco has released specific software updates and patches to mitigate the vulnerability, advising customers to review README files before application.
No workarounds are available, making immediate patch deployment essential for securing affected systems against potential exploits.
The U.S. Cybersecurity and Infrastructure Security Agency has added this vulnerability to its Known Exploited Vulnerabilities Catalog, mandating federal agencies update by February 11, 2026.
This incident follows recent patches by Cisco for other vulnerabilities, emphasizing the ongoing need for vigilance and timely updates in cybersecurity practices.