Cisco has issued an urgent warning to network administrators worldwide: a critical remote code execution (RCE) vulnerability affecting its core communications software is currently being targeted by hackers. The flaw, tracked as CVE-2026-20045, allows unauthenticated attackers to seize control of affected devices, potentially escalating their privileges to root access.
The vulnerability strikes at the heart of enterprise communication, impacting major platforms including Cisco Unified Communications Manager (Unified CM) and Cisco Unity Connection.
While the vulnerability carries a CVSS base score of 8.2, which would normally place it in the "High" band, Cisco has rated the threat as Critical. The vendor explains that this adjustment reflects the impact of a successful exploit rather than the numeric score.
According to the advisory, "Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates." The stated reasoning is that "Exploitation of this vulnerability could result in an attacker elevating privileges to root."
The flaw lies in the web-based management interface of the affected devices and stems from a failure to properly validate what that interface receives: "This vulnerability is due to improper validation of user-supplied input in HTTP requests."
Attackers can trigger the exploit without ever logging in. By "sending a sequence of crafted HTTP requests to the web-based management interface of an affected device," an unauthenticated adversary can bypass the interface's security controls.
Once inside, the damage can be total. "A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root."
The vulnerability is broad, affecting the following products regardless of their specific configuration:
- Unified CM (CallManager)
- Unified CM Session Management Edition (SME)
- Unified CM IM & Presence Service
- Unity Connection
- Webex Calling Dedicated Instance
With active exploitation confirmed, patching is not optional. Cisco has released software updates for the version 14 and 15 release trains, while noting that version 12.5 users must "Migrate to a fixed release" because no fix is provided for that train.
Given the active threat landscape, "Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability" without delay.