CVE-2026-20230 is a critical unauthenticated SSRF vulnerability affecting Cisco Unified CM and SME. The flaw can lead to root-level compromise, but only when the WebDialer service is enabled; it is disabled by default. Exploitation involves sending a crafted HTTP request that manipulates the server into writing files, which the attacker can potentially use to elevate privileges. Although proof-of-concept exploit code is publicly available, Cisco reports that it has observed no active exploitation.
Recommendations include patching affected systems swiftly, disabling WebDialer if immediate patching isn't possible, and implementing targeted monitoring for signs of exploitation.