Cisco plugs up Unified Comms zero-day under active exploit
Critical zero-day CVE-2026-20045 in Cisco Unified Communications web management enables unauthenticated remote code execution and is being exploited; apply vendor fixes immediately.
Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex
CVE-2026-20045 (CVSS 8.2) allows unauthenticated remote attackers to execute arbitrary OS commands and escalate to root in multiple Cisco Unified Communications and Webex Calling Dedicated Instance products.
