A maximum-severity (CVSS 10.0) vulnerability in Cisco Secure Workload's on-premises deployment allows unauthenticated remote attackers to gain site admin privileges by sending a crafted HTTP request to an internal REST API endpoint. The flaw (CVE-2026-20223) requires no authentication and has no workarounds — patching is the only fix. Affected versions include 3.10 (upgrade to 3.10.8.3) and 4.0 (upgrade to 4.0.3.17); those on 3.9 or earlier must migrate. The SaaS version has already been patched by Cisco. In multi-tenant deployments, the blast radius could span multiple business units or customers. Cisco discovered the flaw internally and no exploitation in the wild has been observed, but security experts urge treating it as an active threat rather than waiting for a routine patch cycle.

From csoonline.com