Hackers Targeting Cisco Unified CM Zero-Day
Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution. The post Hackers Targeting Cisco Unified CM Zero-Day appeared first on SecurityWeek.
Cisco on Wednesday announced patches for yet another zero-day vulnerability targeted by threat actors.
The flaw, tracked as CVE-2026-20045 and classified as critical, affects several of Cisco’s unified communications products, including Cisco Unified Communications Manager (CM) and its Session Management Edition (SME), Unified CM IM & Presence Service, Unity Connection, and Webex Calling Dedicated Instance.
According to Cisco, a remote, unauthenticated attacker can exploit CVE-2026-20045 to execute malicious commands on the underlying OS of the device.
Source: https://www.securityweek.com/hackers-targeting-cisco-unified-cm-zero-day/
Related breach coverage
- BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release2026-02-13
Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support. The post BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release appeared first on SecurityWeek.
- WatchGuard Patches Firebox Zero-Day Exploited in the Wild2025-12-22
The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek.
- Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day2025-11-21
CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager. The post Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day appeared first on SecurityWeek.
- Adobe Patches Reader Zero-Day Exploited for Months2026-04-12
The vulnerability is tracked as CVE-2026-34621 and Adobe has confirmed that it can be exploited for arbitrary code execution. The post Adobe Patches Reader Zero-Day Exploited for Months appeared first on SecurityWeek.