Zeroday Vulnerability of Cisco Unified Communications products

-

After releasing updates against an actively exploited critical security vulnerability (2025-20393 & CVSS Score 10.0) what affected AsyncOS Software for Cisco Secure Email Gateway and Sisco secure Email and Web Manager, Cisco published another disclosure of Zero-day vulnerability in late January, 2026 and released a fresh patch for it within 24 hours of the disclosure. This Zero-day vulnerability, CVE-2026-20045 (CVSS score: 8.2) could permit an unauthenticated remote attack to execute arbitrary commands on the operating system of a susceptible device.


Cisco addressed this with, “This vulnerability is due to improper validation of us input in HTTP request”.


With this vulnerability, hacker could successfully launch an attack by sending sequence of crafted HTTP requests to the web-management interface of an affected device. If the attempt is successful, attacker could gain user level accesses to underlying operating system and elevate privileges to the root level.


The vulnerability impacted the following products:


■ Unified CM

■ Unified CM Session Management Edition

■ Unified CM IM & presence Service (IM&P)

■ Unified Connection

■ Webex Calling Dedicated Instances


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also added this vulnerability to its Known Exploited Vulnerabilities (KVE) catalogue and mandate accelerated remediation timeline for federal agencies.


Link for official advisory and patch files by Cisco:

CVE-2026-20045 | CWE-94

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b

CVE-2025-20393 | CWE-20 : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4

Comments

Post a Comment

Popular posts from this blog

Genea Fertility Clinic Ransomware Attack (2025)

-
Image
Genea Fertility Clinic On 21st February 2025, Genea, which is one of the largest fertility clinics in Australia, claimed to have observed some suspicious activity in their network from 14th February. This clinic launched an active investigation for a non-disrupted service that has successfully operated for the last 40 years. On Feb 26th, the investigation found the activity of threat actors that had begun to publish stolen data from the Genea Patient Management System. The ransomware gang, Termite, claimed responsibility for the attack and claimed to have access to 700GB data of from the Genea Patient Management System. According to the investigation report the stolen data contains severely sensitive data, like, Full names Emails, Addresses, Phone Numbers, Medicare Card Numbers, Private Health Insurance Details, Defense DA numbers, Medical Record Numbers, Patient Numbers, Date of Birth, Medical History, Diagnoses and Treatments, Medications and Prescriptions, Patient Health Que...
Read more

How to Develop an Effective RCA Report for Incident Response

-
Image
How to Develop an Effective RCA Report for Incident Response Our fast-paced world is dependent on technology and the internet. That’s why, today, cyber security breaches are a rigorous headache for business owners- incidents can occur anytime- from phishing attacks to malware infections or unauthorised access in any infrastructure, even in the self-satisfactory declaration “Impenetrable networks”. As a SOC analyst, I am authorised to monitor any fluctuation in the SIEM dashboard and take immediate action if required. Apart from that, while I am responding to the incident, I need to understand why it happened and  prevent the event from escalating to other highly sensitive data zones. That is the place where an efficient and well-verified Root Cause Analysis report comes in. In this blog, I will walk you through what an RCA report is, why it is essential for incident response, and provide a generic procedure to create a professional RCA report. As a leading SOC analyst, ...
Read more

POV: “I am secured, I have a Licensed Antivirus!” - Are you protected from cybercriminal minds?

-
In today’s rapidly evolving digital landscape, many people and organizations still rely on traditional antivirus software to protect their systems. But are these solutions enough to tackle the sophisticated threats we face today? The short answer: probably not. With the rise of advanced malware, zero-day exploits, and sophisticated attack techniques, depending upon traditional antivirus software alone may leave your system vulnerable.  Let’s examine how traditional antivirus compares to Next-Generation Endpoint Detection and Response (EDR) and why EDR is becoming a critical tool for modern cybersecurity.  Traditional Antivirus: A Basic Shield   Antivirus software has been the backbone of computer security for decades. It typically works by scanning files and programs against a signature database of known threats. If it finds a match, it only quarantines or deletes the malicious file. However, this approach has its limitations:  Signature-Based Detection : Tradi...
Read more