Mitigate Cisco Unified CM SSRF Vulnerability

Cisco · Unified Communications Manager

Updated June 26, 2026

SeverityHigh

IT Intel Analysis

Cisco Unified Communications Manager contains a server-side request forgery (SSRF) vulnerability, allowing unauthenticated remote attackers to write files to the underlying operating system. This could potentially lead to elevated privileges. The vulnerability's addition to the CISA KEV catalog highlights its importance for immediate attention.

Impact if Unpatched

If exploited, this vulnerability could allow attackers to gain elevated access to the system, potentially disrupting communications services and leading to further malicious activities.

Remediation Steps

Apply the recommended security updates from Cisco to the Unified Communications Manager. Monitor system logs for signs of potential SSRF attacks.

More active vulnerabilities

CriticalCVE-2026-12569Patch Windchill Now Against Code Execution CriticalCVE-2025-67038Patch Lantronix EDS5000 Against Code Injection HighCVE-2026-34910Update UniFi OS Against Command Injection HighCVE-2026-34909Patch UniFi OS Path Traversal Vulnerability