AN alert has been issued regarding two critical vulnerabilities: CVE-2026-12569 affecting PTC Windchill and FlexPLM, and CVE-2026-20230 related to Cisco Unified Communications Manager. A detailed report by Mandiant reveals that attackers exploited a zero-day flaw (CVE-2026-20245) in Cisco SD-WAN to gain root-level access to a service provider's infrastructure.
The breach involved unauthorized peering connections and manipulation of default passwords, followed by the upload of a malicious CSV file to escalate privileges. The attackers have erased traces of their activity, but the full scale of the impact remains unclear. Administrators are urged to update their systems to fixed versions to prevent further intrusions and monitor for indicators of compromise.