Zeljka Zorz
Zeljka Zorz, Editor-in-Chief, Help Net Security

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)

Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the wild, the company announced on Wednesday via a security advisory.

About CVE-2026-20045

CVE-2026-20045 is a code injection vulnerability stemming from improper validation of user-supplied input in HTTP requests.

“An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root,” Cisco says.

The company warns that its Product Security Incident Response Team (PSIRT) is aware of attempted exploitation of this vulnerability in the wild.

CVE-2026-20045, which was reported by an unnamed external researcher, affects:

  • Cisco Unified Communications Manager (CSCwr21851) – used mainly by large enterprises, government and public sector agencies, and organizations in regulated industries that run their own enterprise telephony infrastructure
  • Cisco Unified Communications Manager Session Management Edition (CSCwr21851) – used primarily by large enterprises with multiple CUCM clusters, regional deployments, or global routing complexity
  • Cisco Unified Communications Manager IM & Presence Service (CSCwr29216) – used by organizations that want real-time presence and messaging integrated with telephony
  • Cisco Unity Connection (CSCwr29208) – for organizations that need enterprise voicemail and messaging tied to their call infrastructure
  • Cisco Webex Calling Dedicated Instance (CSCwr21851) – for organizations that want a cloud-hosted, private version of CUCM-style calling

There are no workarounds to address this vulnerability, so Cisco “strongly recommends” that customers remediate the flaw as soon as possible by upgrading to a fixed software release or apply a patch file.

Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!

More about

Featured news

Resources

Don't miss