{"vulnerability": "CVE-2026-20230", "sightings": [{"uuid": "4746fb81-de25-4866-aebb-56388ebab167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547", "content": "", "creation_timestamp": "2026-06-03T12:22:10.000000Z"}, {"uuid": "74677dba-4642-42c5-8708-e0b18e9c3fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://www.acn.gov.it/portale/w/cisco-cucm-disponibile-poc-per-lo-sfruttamento-di-vulnerabilita", "content": "Disponibile un Proof of Concept (PoC) per la CVE-2026-20230 \u2013 gi\u00e0 sanata dal vendor \u2013 presente in Cisco Unified Communications Manager (CUCM) e Cisco Unified CM Session Management Edition (CUCM SME), note soluzioni Cisco per la gestione delle comunicazioni VoIP aziendali. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato di scrivere file arbitrari sul filesystem dei sistemi interessati", "creation_timestamp": "2026-06-04T07:04:00.000000Z"}, {"uuid": "e3e69360-49ae-4d61-b7db-d3be7fd7e917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mng7rwuf3i2c", "content": "CVE-2026-20230 - SSRF in Cisco Unified CM & Unified CM SME. Improper HTTP input validation. CVSS 8.6. Unpatched. No workaround available. Monitor for updates. #CVE #Cisco #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-20230/", "creation_timestamp": "2026-06-03T23:03:34.158889Z"}, {"uuid": "029b88fa-a1ea-474a-b464-0596bf10c059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1899", "content": "", "creation_timestamp": "2026-06-03T21:00:00.000000Z"}, {"uuid": "6002d201-cbc9-4587-9ccb-3ff2dcd8fb8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnhan2l7ls2n", "content": "Cisco released patches for CVE-2026-20230 in Unified CM and Unified CM SME, where improper HTTP input validation enables SSRF and potential root escalation.\n", "creation_timestamp": "2026-06-04T08:51:23.804102Z"}, {"uuid": "5e7617eb-cac8-4548-b6ee-275c0488d685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnhb5genbz23", "content": "Cisco Unified CM & SME face a CRITICAL SSRF flaw (CVE-2026-20230). Only systems with WebDialer enabled are at risk. Patch to 14SU6 ASAP \u2014 PoC is public, no live attacks yet. https://radar.offseq.com/threat/cisco-warns-of-available-poc-for-critical-unified--c947124b #OffSeq #Cisco #SecurityAlert", "creation_timestamp": "2026-06-04T09:00:33.661242Z"}, {"uuid": "2de60f3c-c759-4a27-9ade-b5b5ed15a650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116691018083283672", "content": "\u26a0\ufe0f CRITICAL: Cisco Unified CM/SME hit by SSRF vuln (CVE-2026-20230). Unauthenticated remote attackers can write files & escalate to root if WebDialer is enabled. Patch to 14SU6 ASAP. PoC out, no active exploitation. https://radar.offseq.com/threat/cisco-warns-of-available-poc-for-critical-unified--c947124b #OffSeq #Cisco #SSRF #Vuln", "creation_timestamp": "2026-06-04T09:00:43.736581Z"}, {"uuid": "e66c0d24-d6df-4caf-9398-17f1beb4aa98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnhfdb677x2l", "content": "Cisco patched CVE-2026-20230 in Unified CM and Unified CM SME after PoC code surfaced. The flaw could enable SSRF via crafted HTTP requests and may lead to root access on affected systems. #Cisco #UnifiedCM #CVE202620230", "creation_timestamp": "2026-06-04T10:15:23.706928Z"}, {"uuid": "66b30a01-b4f7-4e6a-b475-cb8737b93c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnhg43zcy32h", "content": "CVE-2026-20230: Critical Cisco Unified CM SSRF Flaw Exposes Enterprises to Root-Level Takeover via Public Exploit Code +\u00a0Video\n\nBreaking Security Reality: A Hidden Door Inside Enterprise Voice Infrastructure A newly disclosed vulnerability in Cisco Unified Communications Manager (Unified CM) has\u2026", "creation_timestamp": "2026-06-04T10:29:17.638797Z"}, {"uuid": "714049c5-130a-46c7-8f2d-b06dd9aa900c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnhnpk4ruz2r", "content": "Cisco fixed CVE-2026-20230, a critical Unified CM flaw that could let remote attackers gain root via SSRF. Systems with WebDialer enabled are affected. Upgrade to 14SU6 or 15SU5. #Cisco #UnifiedCM #WebDialer", "creation_timestamp": "2026-06-04T12:45:25.997344Z"}, {"uuid": "24fbf84e-df9d-4cd2-a351-9f90749b2eb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mnhicayvz62k", "content": "CVE-2026-20230: Public PoC for Cisco Unified CM Vulnerability Risks Remote Root Access", "creation_timestamp": "2026-06-04T11:08:31.175249Z"}, {"uuid": "374e14f8-41a3-41cc-855a-d8e791863593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnhpnko23r2d", "content": "\ud83d\udd17 CVE : CVE-2026-20230", "creation_timestamp": "2026-06-04T13:20:06.817392Z"}, {"uuid": "ca67fac9-7d06-4f9f-9cff-9e4ab49c5895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://gist.github.com/alon710/820db5e55816f217153b6bb6b1bd693c", "content": "# CVE-2026-20230: CVE-2026-20230: Server-Side Request Forgery in Cisco Unified Communications Manager WebDialer Service\n\n> **CVSS Score:** 8.6\n> **Published:** 2026-06-03\n> **Full Report:** https://cvereports.com/reports/CVE-2026-20230\n\n## Summary\nCVE-2026-20230 is a critical Server-Side Request Forgery (SSRF) vulnerability in the WebDialer service of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). The flaw arises from improper validation of input parameters within WebDialer HTTP requests. Unauthenticated remote attackers can exploit this vulnerability to force the application to make HTTP requests to internal administrative services bound to the loopback interface. In the Cisco Voice Operating System (VOS) environment, these local services trust loopback traffic inherently, permitting unauthorized file writes. By writing malicious files to specific system directories, the attacker can execute arbitrary commands with root privileges.\n\n## TL;DR\nImproper input validation in the WebDialer service of Cisco Unified CM enables unauthenticated remote attackers to execute a Server-Side Request Forgery (SSRF). This vulnerability allows attackers to query internal loopback APIs, write malicious files to the filesystem, and escalate privileges to root.\n\n## Technical Details\n\n- **Vulnerability ID**: CVE-2026-20230\n- **CWE ID**: CWE-918\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1 Score**: 8.6 (Critical Severity Impact Rating)\n- **Exploit Status**: None (No public exploit code or active exploitation detected)\n- **CISA KEV Status**: No\n\n## Affected Systems\n\n- Cisco Unified Communications Manager (Unified CM)\n- Cisco Unified Communications Manager Session Management Edition (Unified CM SME)\n- **Cisco Unified Communications Manager**: All versions where WebDialer is active and unpatched (Fixed in: `Refer to cisco-sa-cucm-ssrf-cXPnHcW`)\n- **Cisco Unified Communications Manager SME**: All versions where WebDialer is active and unpatched (Fixed in: `Refer to cisco-sa-cucm-ssrf-cXPnHcW`)\n\n## Mitigation\n\n- Disable the WebDialer service if it is not actively required for telephony operations.\n- Apply network-level firewall rules to restrict access to Unified CM administrative and application interfaces.\n- Upgrade Cisco Unified CM and Unified CM SME to a supported software version containing the security patch.\n\n**Remediation Steps:**\n1. Log in to the Cisco Unified Serviceability page on the target node.\n2. Go to Tools -> Service Activation and check the status of Cisco WebDialer. If active and unnecessary, deactivate the service.\n3. Download the authorized system update package from the official Cisco Software Download Portal.\n4. Apply the patch or software update during a scheduled maintenance window in accordance with Cisco's deployment guidelines.\n5. Verify that the vulnerability is remediated by checking the software build version against the advisory's fixed releases list.\n\n## References\n\n- [Cisco Unified Communications Manager SSRF Security Advisory](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW)\n- [CVE-2026-20230 on CVE.org](https://www.cve.org/CVERecord?id=CVE-2026-20230)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-20230) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T13:01:07.000000Z"}, {"uuid": "51531889-0424-4f6e-9fc3-84884cf12355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "content": "Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.\n\nIt is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco's PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens that runway.\n\nThe flaw is a server-side request forgery.", "creation_timestamp": "2026-06-04T14:55:51.000000Z"}, {"uuid": "6956abfa-aaa5-41eb-a5d0-f97966b280d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnisdwfqru2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Unified CM as Expl\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-04T23:41:06.267816Z"}, {"uuid": "eb13c2a2-0f00-4458-81d4-8ff7ec17c3f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/8281", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Unified Communications Manager (Unified CM), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root.\n\nCisco Unified CM (\u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a Cisco CallManager) \u0441\u043b\u0443\u0436\u0438\u0442 \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 IP-\u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0438\u0438 Cisco, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u044e \u0432\u044b\u0437\u043e\u0432\u043e\u0432 \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0438\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-20230 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0431\u0435\u0437 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043b\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSRF) \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f  \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u0431\u0430\u0437\u043e\u0432\u0443\u044e \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 root.\n\nCisco (PSIRT) \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f CVE-2026-20230, \u043d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f.\n\n\u0421\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0436\u0431\u0430 WebDialer \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d).\n\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u043d\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c Cisco Unified CM \u0432\u0435\u0440\u0441\u0438\u0439 14SU6 \u0438\u043b\u0438 15SU5 (\u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2026 \u0433. \u0438\u043b\u0438 COP), \u0438\u043b\u0438 \u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0443 WebDialer \u0434\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043f\u0430\u0442\u0447\u0430, \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0435\u0433\u043e \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 CVE-2026-20230.", "creation_timestamp": "2026-06-04T18:30:06.000000Z"}, {"uuid": "9307e032-9271-4295-816a-82206ac78715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnijgs47mj2b", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public\nCisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked\u2026\n\n\ud83d\udd17 https://hnow.live/a/b7de2431", "creation_timestamp": "2026-06-04T21:01:36.806016Z"}, {"uuid": "6186b18b-5cbd-43e8-a724-96e810f34968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10920", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public \u2013 thehackernews.com\n\nFri, 05 Jun 2026 00:55:51", "creation_timestamp": "2026-06-04T20:03:10.000000Z"}, {"uuid": "667547be-c520-40ef-bce6-2990d4537c31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mnimu3fpbx2h", "content": "\ud83d\udd12 Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public\n\nCisco has patched a bug in Unified Communications Manager...\n\nhttps://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-04T22:02:43.993092Z"}, {"uuid": "c6090c2e-f26e-4087-b0f2-9a9590387bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mninkr3kmr2z", "content": "Cisco patched CVE-2026-20230 in Unified CM and Session Management Edition, a SSRF flaw that can allow arbitrary file writes and potential root escalation. PoC code is public. #Cisco #UnifiedCM #WebDialer", "creation_timestamp": "2026-06-04T22:15:25.111221Z"}, {"uuid": "8feb7018-34ce-4fbe-9e96-f8fc0860904f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mninnc7brp2r", "content": "Cisco Unified CM Exploit Goes Public \u2014 Unauthenticated Root Access via CVE-2026-20230\n\nhttps://blindthoughts.com/cisco-unified-cm-cve-2026-20230-root-exploit\n\n#cisco #vulnerability #exploit #unifiedcommunications #patchnow", "creation_timestamp": "2026-06-04T22:16:49.796604Z"}, {"uuid": "ba2dcaf3-4591-4065-b95d-ddb8c76898d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjphtjbx62d", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Cisco Patches\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:22:13.501961Z"}, {"uuid": "53c74f98-d8bc-4055-80ea-292a06fc255a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjqb46v2j2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Cisco Patches\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:36:21.453194Z"}, {"uuid": "849aa712-9164-4ae3-85b7-2185a403246f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mni46dedyx2n", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public", "creation_timestamp": "2026-06-04T17:04:15.410940Z"}, {"uuid": "2898d5c2-ed25-4871-8102-e4a6d414f072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mni4sov4ydn2", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public TheHackerNews Cisco patched a Unified CM flaw allowing unauthenticated network attackers to write files and escalate to root.\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-04T17:16:02.085321Z"}, {"uuid": "508e8cad-5a1b-4467-9c54-c4e6c34412c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mni5qpf5uw2i", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public", "creation_timestamp": "2026-06-04T17:32:24.953399Z"}, {"uuid": "88b945be-77ee-42a8-a0a7-f1b3c1f7fa7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/cibsecurity/89626", "content": "\ud83d\udd8b\ufe0f Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public \ud83d\udd8b\ufe0f\n\nCisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.  It is tracked as CVE202620230, and proofofconcept exploit code is already public. Cisco's PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens that runway.  The flaw is a serverside request forgery.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-06-04T17:15:06.000000Z"}, {"uuid": "feeb52e9-c6a0-4967-91d3-af15747f4a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/ctinow/251316", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public\nhttps://ift.tt/PuWjc4e", "creation_timestamp": "2026-06-04T17:14:06.000000Z"}, {"uuid": "3ac7168e-0a98-4af6-a282-ca39f55209e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mni7ld6zkg2g", "content": "Cisco has patched a critical server-side request forgery vulnerability, CVE-2026-20230, in its Unified Communications Manager and Session Management Edition. The [\u2026]", "creation_timestamp": "2026-06-04T18:05:11.825207Z"}, {"uuid": "c7046b06-583a-4c40-b642-dfc4abe00753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mnirknuaxb27", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-06-04T23:26:59.954352Z"}, {"uuid": "a8d9f986-aa29-4f86-b781-fc0677e08dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnithbuash2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: ThreatsDay Bulleti\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T00:00:50.303617Z"}, {"uuid": "8b6f7970-4a2c-44c5-92e9-9a05be46eb57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnj2biabcl27", "content": "Cisco\u306f\u3001\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u30b3\u30fc\u30c9\u304c\u516c\u958b\u3055\u308c\u305f\u3053\u3068\u3092\u53d7\u3051\u3001Unified CM\u306eCVE-2026-20230\u3092\u4fee\u6b63\u3057\u305f \n\nCisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public  #HackerNews (Jun 4)\n\nthehackernews.com/2026/06/cisc...", "creation_timestamp": "2026-06-05T02:02:52.623510Z"}, {"uuid": "133f8d26-2ae1-4061-bfaa-bada239c7452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mnj3tf3oaw2f", "content": "Top 3 CVE for last 7 days:\nCVE-2025-48595: 136 interactions\nCVE-2026-0257: 43 interactions\nCVE-2026-48778: 23 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-49858: 11 interactions\nCVE-2026-20230: 6 interactions\nCVE-2026-10737: 4 interactions\n", "creation_timestamp": "2026-06-05T02:30:47.822207Z"}, {"uuid": "9300b9f2-865e-4452-90b6-4b66768fc03a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mnjj6zwhfssm", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "creation_timestamp": "2026-06-05T06:30:47.487671Z"}, {"uuid": "9aff5da6-2966-427c-a2ee-a09a500059f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrjn2qm42f", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Unified CM\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:01.320431Z"}, {"uuid": "f512d3a5-dfac-49b9-9766-13df03f2bfe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrjn2qm42f", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Unified CM\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:01.326322Z"}, {"uuid": "acdb41ad-400f-4900-a4a3-1d9811bf01bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mnk356nsad2m", "content": "Critical Cisco Unified CM Vulnerability (CVE-2026-20230): Unauthenticated File-Write Leads to Root \u2013 Patch Immediately +\u00a0Video\n\nIntroduction A newly disclosed critical vulnerability in Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to exploit a\u2026", "creation_timestamp": "2026-06-05T11:51:02.380940Z"}, {"uuid": "0e6dcd96-31d1-4deb-baa4-8631e856afeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116692107541218445", "content": "Attention, elevated activities detected targeting Cisco Unified Communications Manager (CVE-2026-20230) https://vuldb.com/vuln/368153/cti", "creation_timestamp": "2026-06-04T13:37:37.783646Z"}, {"uuid": "e6484097-7e07-43b5-b0c0-d57b0043d51a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mnhqnbo2uh2e", "content": "\ud83d\udcf0 Cisco Rilis Tambalan Darurat untuk Kerentanan Kritis Unified CM, Kode PoC Telah Beredar Publik\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/04/cisco-peringatan-kerentanan-kritis-unified-cm-poc-eksploitasi/\n\n#beritaTeknologi #bugServer #cisco #ciscoUnifiedCm #cve-2026-20230 ", "creation_timestamp": "2026-06-04T13:37:50.586162Z"}, {"uuid": "82ceb129-e0e8-4cbc-81ba-f51897153b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnkavsxjq22h", "content": "Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges\n\nCisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, \u2026\n#hackernews #news", "creation_timestamp": "2026-06-05T13:34:16.549418Z"}, {"uuid": "345415e7-171c-4567-b8c3-6bf4672adf59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/bdufstecru/3221", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b WebDialer \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0432\u044b\u0437\u043e\u0432\u043e\u0432 Cisco Unified Communications Manager (Unified CM) \u0438 Cisco Unified Communications Manager Session Management Edition (Unified CM SME) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c SSRF-\u0430\u0442\u0430\u043a\u0443\n\nBDU:2026-07815\nCVE-2026-20230\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW", "creation_timestamp": "2026-06-05T13:10:08.000000Z"}, {"uuid": "bfcc178c-1b90-47c3-b796-8578889db305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnkikfh42b26", "content": "Critical vulnerability CVE-2026-20230 in Cisco Unified CM allows unauthenticated SSRF attacks leading to root access. Patch immediately! #CyberSecurity #Cisco #Vulnerability #SSRF Link: thedailytechfeed.com/cisco-patche...", "creation_timestamp": "2026-06-05T15:51:04.280117Z"}]}