Cisco has launched safety updates to deal with a maximum-severity Safe Workload vulnerability that permits attackers to realize Website online Admin privileges.
Previously referred to as Cisco Tetration, Cisco Safe Workload is helping admins scale back their community’s assault floor thru 0 consider microsegmentation and prevent lateral motion to stay industry programs protected.
Tracked as CVE-2026-20223, the protection flaw used to be present in Safe Workload’s inside REST APIs, and it allows unauthenticated attackers to get admission to sources with the privileges of the Website online Admin function.
“This vulnerability is because of inadequate validation and authentication when getting access to REST API endpoints. An attacker may exploit this vulnerability if they may be able to ship a crafted API request to an affected endpoint,” Cisco defined in a Wednesday advisory.
“A a hit exploit may permit the attacker to learn delicate knowledge and make configuration adjustments throughout tenant barriers with the privileges of the Website online Admin person.”
Cisco says there are not any workarounds for this safety flaw, has launched application updates to patch it for on-premises consumers, and has already addressed it within the cloud-based Cisco Safe Workload SaaS deployment.
| Cisco Safe Workload Unencumber | First Mounted Unencumber |
|---|---|
| 3.9 and previous | Migrate to a set free up. |
| 3.10 | 3.10.8.3 |
| 4.0 | 4.0.3.17 |
The corporate additionally added that its Product Safety Incident Reaction Workforce (PSIRT) has now not discovered proof that the vulnerability has been exploited within the wild ahead of publishing this week’s advisory.
Previous this month, Cisco warned that any other most severity authentication bypass vulnerability (CVE-2026-20182) affecting its Catalyst SD-WAN software-based networking platform used to be being actively exploited as a zero-day, permitting attackers to realize admin privileges.
The U.S. Cybersecurity and Infrastructure Safety Company (CISA) added the CVE-2026-20182 flaw to its Recognized Exploited Vulnerabilities Catalog on Would possibly 14 and ordered federal companies to safe affected units inside 3 days, through Would possibly 17.
In early Would possibly, Cisco additionally launched safety updates for a denial-of-service (DoS) vulnerability in Crosswork Community Controller (CNC) and Community Products and services Orchestrator (NSO), which calls for manually rebooting focused programs to recuperate.
Over the last 5 years, CISA has flagged 91 Cisco vulnerabilities as actively exploited, six of that have been utilized by more than a few ransomware gangs.
Automatic pentesting gear ship actual price, however they had been constructed to respond to one query: can an attacker transfer throughout the community? They weren’t constructed to check whether or not your controls block threats, your detection regulations hearth, or your cloud configs dangle.
This information covers the 6 surfaces you in fact want to validate.
Obtain Now
