"Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates,"
"The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root."
A remote code execution vulnerability identified as CVE-2026-20045 affects Cisco Unified Communications Manager, Unity Connection, and Webex Calling Dedicated Instance. Attackers are actively exploiting the flaw, and the U.S. Cybersecurity and Infrastructure Security Agency added the vulnerability to its Known Exploited Vulnerabilities catalog. Cisco released patches addressing the issue and assigned a Security Impact Rating of Critical despite a CVSS score of 8.2. The higher impact rating reflects the potential for privilege escalation to root if the vulnerability is exploited. Administrators are expected to apply supplied patches to affected systems promptly.
#cisco-unified-communications #cve-2026-20045 #remote-code-execution #cisa-known-exploited-vulnerabilities
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]