Toggle light / dark theme

Cisco finally confirms attackers exploiting Unified CM flaw

Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in early June.

Unified CM (formerly known as Cisco CallManager) is the central control system for Cisco IP telephony systems, handling call routing, device management, and telephony features.

Threat actors without privileges can exploit the vulnerability (CVE-2026–20230) remotely in low-complexity server-side request forgery (SSRF) attacks by sending a crafted HTTP request.

Leave a Comment

Lifeboat Foundation respects your privacy! Your email address will not be published.

/* */