{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-20045","assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","state":"PUBLISHED","assignerShortName":"cisco","dateReserved":"2025-10-08T11:59:15.354Z","datePublished":"2026-01-21T16:26:20.312Z","dateUpdated":"2026-02-26T14:44:34.950Z"},"containers":{"cna":{"title":"Cisco Unified Communications Products Remote Code Execution Vulnerability","metrics":[{"format":"cvssV3_1","cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"}}],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.&nbsp;\r\n\r\nThis vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root.&nbsp;\r\nNote: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root."}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b","name":"cisco-sa-voice-rce-mORhqY4b"}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is aware of attempted exploitation of this vulnerability in the wild. Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."}],"source":{"advisory":"cisco-sa-voice-rce-mORhqY4b","discovery":"EXTERNAL","defects":["CSCwr21851"]},"problemTypes":[{"descriptions":[{"lang":"en","description":"Improper Control of Generation of Code ('Code Injection')","type":"cwe","cweId":"CWE-94"}]}],"affected":[{"vendor":"Cisco","product":"Cisco Unified Communications Manager","versions":[{"version":"12.5(1)SU2","status":"affected"},{"version":"12.5(1)SU1","status":"affected"},{"version":"12.5(1)","status":"affected"},{"version":"12.5(1)SU3","status":"affected"},{"version":"12.5(1)SU4","status":"affected"},{"version":"14","status":"affected"},{"version":"12.5(1)SU5","status":"affected"},{"version":"14SU1","status":"affected"},{"version":"12.5(1)SU6","status":"affected"},{"version":"14SU2","status":"affected"},{"version":"12.5(1)SU7","status":"affected"},{"version":"12.5(1)SU7a","status":"affected"},{"version":"14SU3","status":"affected"},{"version":"12.5(1)SU8","status":"affected"},{"version":"12.5(1)SU8a","status":"affected"},{"version":"15","status":"affected"},{"version":"15SU1","status":"affected"},{"version":"14SU4","status":"affected"},{"version":"14SU4a","status":"affected"},{"version":"15SU1a","status":"affected"},{"version":"12.5(1)SU9","status":"affected"},{"version":"15SU2","status":"affected"},{"version":"15.0.1.13010-1","status":"affected"},{"version":"15.0.1.13011-1","status":"affected"},{"version":"15.0.1.13012-1","status":"affected"},{"version":"15.0.1.13013-1","status":"affected"},{"version":"15.0.1.13014-1","status":"affected"},{"version":"15.0.1.13015-1","status":"affected"},{"version":"15.0.1.13016-1","status":"affected"},{"version":"15.0.1.13017-1","status":"affected"},{"version":"15SU3a","status":"affected"}],"defaultStatus":"unknown"},{"vendor":"Cisco","product":"Cisco Unified Communications Manager IM and Presence Service","versions":[{"version":"12.5(1)","status":"affected"},{"version":"12.5(1)SU1","status":"affected"},{"version":"12.5(1)SU2","status":"affected"},{"version":"12.5(1)SU3","status":"affected"},{"version":"12.5(1)SU4","status":"affected"},{"version":"14","status":"affected"},{"version":"12.5(1)SU5","status":"affected"},{"version":"14SU1","status":"affected"},{"version":"12.5(1)SU6","status":"affected"},{"version":"14SU2","status":"affected"},{"version":"14SU2a","status":"affected"},{"version":"12.5(1)SU7","status":"affected"},{"version":"14SU3","status":"affected"},{"version":"12.5(1)SU8","status":"affected"},{"version":"15","status":"affected"},{"version":"15SU1","status":"affected"},{"version":"14SU4","status":"affected"},{"version":"12.5(1)SU9","status":"affected"},{"version":"15SU2","status":"affected"},{"version":"15SU3","status":"affected"}],"defaultStatus":"unknown"},{"vendor":"Cisco","product":"Cisco Unity Connection","versions":[{"version":"12.5(1)","status":"affected"},{"version":"12.5(1)SU1","status":"affected"},{"version":"12.5(1)SU2","status":"affected"},{"version":"12.5(1)SU3","status":"affected"},{"version":"12.5(1)SU4","status":"affected"},{"version":"14","status":"affected"},{"version":"12.5(1)SU5","status":"affected"},{"version":"14SU1","status":"affected"},{"version":"12.5(1)SU6","status":"affected"},{"version":"14SU2","status":"affected"},{"version":"12.5(1)SU7","status":"affected"},{"version":"14SU3","status":"affected"},{"version":"12.5(1)SU8","status":"affected"},{"version":"14SU3a","status":"affected"},{"version":"12.5(1)SU8a","status":"affected"},{"version":"15","status":"affected"},{"version":"15SU1","status":"affected"},{"version":"14SU4","status":"affected"},{"version":"12.5(1)SU9","status":"affected"},{"version":"15SU2","status":"affected"},{"version":"15SU3","status":"affected"}],"defaultStatus":"unknown"}],"providerMetadata":{"orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco","dateUpdated":"2026-02-13T20:33:31.808Z"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2026-20045","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"yes"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2026-01-22T04:55:44.107919Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2026-01-21","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20045"}}}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20045","tags":["government-resource"]}],"timeline":[{"time":"2026-01-21T00:00:00.000Z","lang":"en","value":"CVE-2026-20045 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T14:44:34.950Z"}}]}}