Warning: Critical Cisco Unified Communications Remote Code Execution Vulnerability, Patch Immediately!

Published: 22/01/2026
  • Last update: 22/01/2026
  • Affected software:
    → Cisco Unified Communications Products
  • Type: CWE-94 Improper Control of Generation of Code ('Code Injection')
  • CVE/CVSS
    → CVE-2026-20045: CVSS 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)

Sources

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b

Risks

Cisco Unified Communications products are commonly used for enterprise telephony, messaging, and collaboration, making them critical for daily business operations. A critical vulnerability has been identified that allows an unauthenticated remote attacker to execute commands on affected systems.

This vulnerability is actively exploited in the wild and can lead to full system compromise with root privileges. Exploitation is possible over the network via the web management interface and does not require user interaction, making it relatively easy for attackers to abuse.

A successful attack could result in service outages, unauthorised access to sensitive communications data, and the use of the affected system as a pivot point into the internal network. Organisations are strongly advised to update affected systems immediately to reduce the risk of disruption and compromise.

Description

CVE-2026-20045: Cisco Unified Communications Products (Critical, Actively Exploited)
CVE-2026-20045 is a remote code execution vulnerability caused by improper input validation in HTTP requests. By sending specially crafted requests to the web-based management interface, an unauthenticated attacker can execute arbitrary commands on the underlying operating system.

Successful exploitation allows the attacker to gain user-level access and subsequently escalate privileges to root, resulting in full control of the affected system.

Recommended Actions

Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Monitor/Detect
The CCB recommends that organisations upscale their monitoring and detection capabilities to identify any related suspicious activity and ensure a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via https://ccb.belgium.be/en/cert/report-incident.

While patching appliances or software to the newest version may protect against future exploitation, it does not remediate historic compromise.

References

https://www.bleepingcomputer.com/news/security/cisco-fixes-unified-communications-rce-zero-day-exploited-in-attacks/