Hackers Exploit Critical Cisco Zero-Day Affecting Unified Communications Systems

Cisco patches critical zero-day flaw in communication systems, urging urgent updates to prevent remote exploits and privilege escalation.

By Content Team

Jan 22, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cisco patched a critical zero-day vulnerability (CVE-2026-20045) being actively exploited by hackers targeting unified communications products. The flaw affects Cisco Unified Communications Manager, Session Management Edition, Unity Connection, and Webex Calling systems.

Attackers can exploit the vulnerability remotely without authentication by sending crafted HTTP requests to management interfaces. Successful attacks grant user-level access that can escalate to root privileges on the underlying operating system.

CISA added the vulnerability to its Known Exploited Vulnerabilities catalog, giving federal agencies until February 11 to patch. Hunter shows roughly 1,300 internet-exposed Cisco Unified CM instances, with nearly half located in the United States.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Compromise 700+ Next.js Servers Using React2Shell Exploit

Apr 3, 2026

Adobe Patches Zero-Day Vulnerability Exploited for Months

Apr 14, 2026

Two US Cybersecurity Pros Plead Guilty Over Ransomware Attacks

Jan 2, 2026

CISA Flags Critical TrueConf Vulnerability Under Active Attack

Apr 6, 2026