top of page
Search

Cisco Fixes Actively Exploited Zero-Day in Unified Communications

  • Jan 22
  • 1 min read

Key Findings


  • Cisco patched a critical zero-day remote code execution (RCE) flaw, tracked as CVE-2026-20045 (CVSS score of 8.2), that is actively being exploited in attacks.

  • The vulnerability allows an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.

  • The bug affects Cisco Unified CM, Unified CM SME, IM & Presence, Unity Connection, and Webex Calling Dedicated Instance.

  • Cisco is aware of attempted exploitation of this vulnerability in the wild and strongly recommends that customers upgrade to a fixed software release to remediate the issue.


Background


Earlier in January 2026, Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) after a public proof-of-concept (PoC) exploit was disclosed.


Affected Products and Fixes


  • Cisco Unified CM, Unified CM IM&P, Unified CM SME, and Webex Calling Dedicated Instance:

  • Release 12.5: Migrate to a fixed release

  • Release 14: 14SU5 or apply patch file: ciscocm.V14SU4a_CSCwr21851_remote_code_v1.cop.sha512

  • Release 15: 15SU4 (Mar 2026) or apply patch file: ciscocm.V15SU2_CSCwr21851_remote_code_v1.cop.sha512 or ciscocm.V15SU3_CSCwr21851_remote_code_v1.cop.sha512

  • Cisco Unity Connection:

  • Release 12.5: Migrate to a fixed release

  • Release 14: 14SU5 or apply patch file: ciscocm.cuc.CSCwr29208_C0266-1.cop.sha512

  • Release 15: 15SU4 (Mar 2026) or apply patch file: ciscocm.cuc.CSCwr29208_C0266-1.cop.sha512


Conclusion


Cisco has confirmed that there are no workarounds that address this vulnerability and that the Cisco Product Security Incident Response Team (PSIRT) is aware of attempted exploitation of this flaw in the wild. The networking giant strongly recommends that customers upgrade to a fixed software release to remediate the issue.


Sources


  • https://securityaffairs.com/187177/security/cisco-fixed-actively-exploited-unified-communications-zero-day.html

  • https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html

  • https://news.backbox.org/2026/01/22/cisco-fixes-actively-exploited-zero-day-cve-2026-20045-in-unified-cm-and-webex/

  • https://x.com/shah_sheikh/status/2014128800942985540

  • https://x.com/shah_sheikh/status/2014195881734701150

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page