CVE-2026-20045 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2026-01-21

Added to CISA KEV: 2026-01-21 0 DAY BETWEEN CVE AND KEV

CRITICAL: Immediately check for indicators of compromise - Cisco confirms active exploitation attempts. Review web server logs for unusual HTTP request patterns, verify system integrity, and check for unauthorized access or privilege escalation
Apply security patches immediately - Cisco has assigned Critical SIR rating due to root privilege escalation potential
Implement network segmentation to restrict management interface access to trusted networks only
Monitor web management interface access logs for suspicious crafted HTTP request sequences
HIGHEST patch priority - actively exploited critical infrastructure vulnerability

Cisco Unified Communications Products Remote Code Execution...
An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.
CVE-2026-20045 - High Vulnerability - TheHackerWire
An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected ...
Known Exploited Vulnerabilities Catalog
CVE-2026-20805. Microsoft Windows Information Disclosure Vulnerability: · Related CWE: CWE-200. Known To Be Used in Ransomware Campaigns? Unknown ; CVE-2025-8110.

🔴 CVE-2026-20045