Cisco Serves up yet Another Perfect 10 Bug with Secure Workload Admin Flaw
Cisco said no workarounds exist for the maximum-severity flaw, which affects on-premises and cloud deployments and lets unauthenticated attackers gain Site Admin access.
- Cisco released updates patching CVE-2026-20223, a maximum-severity vulnerability allowing unauthenticated attackers to gain Site Admin privileges in Cisco Secure Workload. The flaw affects both SaaS and on-premises environments, earning a perfect 10.0 CVSS score.
- Weak validation and authentication in internal REST API endpoints cause the flaw, Cisco explained. An attacker can "read sensitive information and make configuration changes across tenant boundaries" by sending a crafted API request.
- Customers running Cisco Secure Workload Release 3.9 or earlier must migrate to supported versions; 3.10 users update to 3.10.8.3 and 4.0 users to 4.0.3.17. Cloud-hosted SaaS deployments are already patched and require no action.
- Although the bug carries a 10.0 severity score, Cisco's Product Security Incident Response Team has not found evidence of active exploitation in the wild. The flaw was discovered during internal security testing, with no workarounds currently available.
- This disclosure continues a trend of high-scoring security advisories, occurring less than a week after Cisco warned of another maximum-severity authentication bypass vulnerability in its Catalyst SD-WAN platform. Cisco has disclosed numerous 9.8-plus infrastructure flaws over the past year.
19 Articles
19 Articles
Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
Cisco has disclosed yet another perfect 10 vulnerability, this time warning that unauthenticated attackers could gain Site Admin privileges in its Secure Workload platform simply by sending crafted API requests to vulnerable systems. The bug, tracked as CVE-2026-20223, earned the full 10.0 CVSS treatment and affects Cisco Secure Workload Cluster Software in both SaaS and on-prem environments. According to Cisco's barebones advisory, the issue bo…
Cisco has closed a vulnerability with the highest possible risk level in its Secure Workload security platform, which allows attackers to gain administrator rights and read sensitive data from corporate networks without logging in. Both local installations and cloud environments are affected.
Critical Cisco Secure Workload Vulnerability Allows Unauthenticated Site Admin Access
The vulnerability is caused by insufficient validation and authentication for internal REST API endpoints. An attacker could exploit the issue by sending a crafted API request to a vulnerable endpoint without authenticat…
Cisco Fixes CVE-2026-20223 Secure Workload API Flaw
Cisco has released security updates to fix a critical vulnerability, tracked as CVE-2026-20223, affecting its Cisco Secure Workload platform. The flaw, which received the maximum CVSS score of 10.0, could allow an unauthenticated remote attacker to access sensitive information and make unauthorized configuration changes through vulnerable REST API endpoints. The company said the issue originates from insufficient validation and authentication ch…
Cisco provides an update that closes a vulnerability with the highest possible risk assessment in Secure Workload.
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
