Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Cisco Plugs up Unified Comms Zero-Day Under Active Exploit

Cisco urges immediate patching of a critical flaw allowing root access; the U.S. agency mandated federal updates by Feb. 11, 2026, amid active exploitation attempts.

  • On Wednesday, Cisco announced a fix for CVE-2026-20045, releasing version-specific patches for Cisco Unified Communications Manager, Unified CM IM & Presence, Unified CM SME, Cisco Unity Connection, and Webex Calling Dedicated Instance.
  • In the web-based management interface, the bug sits in HTTP handling and can be triggered without logging in by crafted HTTP requests, allowing unauthenticated remote attackers to execute code and escalate to root.
  • Cisco's Product Security Incident Response Team said attempts to exploit the flaw have been observed in the wild, with no workarounds available and customers urged to install updates soon.
  • CISA added the flaw to its Known Exploited Vulnerabilities catalog and gave federal agencies until February 11, 2026 to deploy updates, raising the issue to emergency priority.
  • Cisco assigned a Critical severity despite a CVSS score of 8.2, and this patch follows earlier fixes to Identity Services Engine and AsyncOS earlier this month, highlighting risks to voice infrastructure.
Insights by Ground AI

11 Articles

The RegisterThe Register
Center

Cisco plugs up Unified Comms zero-day under active exploit

: The critical-rated flaw leaves unpatched systems open to full takeover

Read Full Article
BleepingComputerBleepingComputer
Center

Cisco fixes Unified Communications RCE zero day exploited in attacks

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as CVE-2026-20045, that has been actively exploited as a zero-day in attacks. [...]

Read Full Article
WebProNewsWebProNews

Cisco Patches Zero-Day Flaws Amid Chinese Hacker Exploits in 2026

Unmasking the Shadows: Cisco’s Battle Against Relentless Zero-Day Assaults in 2026 In the high-stakes world of cybersecurity, where digital fortresses guard the lifeblood of global enterprises, Cisco Systems Inc. finds itself once again at the epicenter of a sophisticated hacking saga. As of January 2026, the networking giant has been grappling with a series of zero-day vulnerabilities that have allowed attackers to breach critical systems, exec…

Read Full Article
netzwoche.chnetzwoche.ch

Cisco Closes Critical Rce Vulnerability

Cisco fixes a critical vulnerability that allows remote code execution for remote attackers to access root privileges. The network provider provides updates for the affected unified communications solutions.

Read Full Article
cybernoz.comcybernoz.com

CISA Warns Of Cisco Unified CM 0-Day RCE Vulnerability Exploited In Attacks - Cybernoz - Cybersecurity News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after confirming active exploitation of a zero-day remote code execution (RCE) vulnerability in multiple Cisco Unified Communications products. Tracked as CVE-2026-20045, the flaw enables code injection attacks that grant attackers user-level access to the underlying OS, followed by full root privilege escalation. Added to CISA’s Known Exploited Vulnerabi…

Read Full Article
HeiseHeise

Update! Vulnerabilities Attacking Cisco Unified Communications

Admins need to act quickly. Cisco warns against attempts to attack a vulnerability in unified communications products.

·Germany
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news in on Wednesday, January 21, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

CISA icon

CISA

Cisco icon

Cisco

Zoom icon

Zoom

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal