The Cisco vulnerability CVE-2026-20230 (CVSS 8.6) is being actively exploited weeks after patch release in June and enables root access through SSRF and file operations.
CVE-2026-20230 (CVSS 8.6) in Cisco Unified CM and CM SME is being actively exploited – unencrypted HTTP requests enable remote write access without authentication.