Cisco Serves up yet Another Perfect 10 Bug with Secure Workload Admin Flaw
Cisco said no workarounds exist for the maximum-severity flaw, which affects on-premises and cloud deployments and lets unauthenticated attackers gain Site Admin access.
- Cisco released updates patching CVE-2026-20223, a maximum-severity vulnerability allowing unauthenticated attackers to gain Site Admin privileges in Cisco Secure Workload. The flaw affects both SaaS and on-premises environments, earning a perfect 10.0 CVSS score.
- Weak validation and authentication in internal REST API endpoints cause the flaw, Cisco explained. An attacker can "read sensitive information and make configuration changes across tenant boundaries" by sending a crafted API request.
- Customers running Cisco Secure Workload Release 3.9 or earlier must migrate to supported versions; 3.10 users update to 3.10.8.3 and 4.0 users to 4.0.3.17. Cloud-hosted SaaS deployments are already patched and require no action.
- Although the bug carries a 10.0 severity score, Cisco's Product Security Incident Response Team has not found evidence of active exploitation in the wild. The flaw was discovered during internal security testing, with no workarounds currently available.
- This disclosure continues a trend of high-scoring security advisories, occurring less than a week after Cisco warned of another maximum-severity authentication bypass vulnerability in its Catalyst SD-WAN platform. Cisco has disclosed numerous 9.8-plus infrastructure flaws over the past year.
17 Articles
17 Articles
Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
Cisco has disclosed yet another perfect 10 vulnerability, this time warning that unauthenticated attackers could gain Site Admin privileges in its Secure Workload platform simply by sending crafted API requests to vulnerable systems. The bug, tracked as CVE-2026-20223, earned the full 10.0 CVSS treatment and affects Cisco Secure Workload Cluster Software in both SaaS and on-prem environments. According to Cisco's barebones advisory, the issue bo…
Cisco has closed a vulnerability with the highest possible risk level in its Secure Workload security platform, which allows attackers to gain administrator rights and read sensitive data from corporate networks without logging in. Both local installations and cloud environments are affected.
Cisco provides an update that closes a vulnerability with the highest possible risk assessment in Secure Workload.
The Hacker News
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2026-20223 (CVSS score: 10.0), the vulnerability arises from insufficient validation and authentication when accessing REST API endpoints. "An attacker could exploit this vulnerability if they are able to send
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
