Cisco Unified CM Flaw Exploited After PoC Release

Threat actors exploit CVE-2026-20230, a critical Cisco Unified CM flaw with an 8.6 CVSS score. The vulnerability allows unauthenticated remote attackers to write files to the operating system and elevate to root. Patches are available in versions 14SU6 and 15SU5.