Security
Cisco Unified CM SSRF vulnerability CVE-2026-20230 actively exploited in attacks
Tags Infrastructure ยท Enterprise
BleepingComputerยท
A high-severity server-side request forgery vulnerability (CVE-2026-20230) in Cisco Unified Communications Manager Server is being actively exploited, allowing unauthenticated attackers to trigger internal network requests from affected systems.
Technical significance
SSRF vulnerabilities in enterprise VoIP infrastructure can expose internal networks to unauthorized access. Admins using Cisco Unified CM should patch immediately, as active exploitation confirms the vulnerability is being weaponized in the wild.