Cisco Unified Communications Products Remote Code Execution Vulnerability
Summary
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of craf…
CISA Known Exploited Vulnerability
- Listed:
- Jan 21, 2026 · federal remediation due Feb 11, 2026
- Required action:
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Ransomware use:
- Unknown
KEV is a prioritization signal from CISA — remediation detail still comes from the vendor advisory.
- Scope: This vulnerability affects the following Cisco products, regardless of device configuration:
- 12.5 — Migrate to a fixed release
- Release 14 (first fixed: 14SU5 or apply patch file:1)
- Release ciscocm.CSCwr21851_Remote_Code_Execution_v1.zip (first fixed: 15)
- Release 15SU4 or apply patch file:1 (first fixed: ciscocm.CSCwr21851_Remote_Code_Execution_v1.zip)
- 12.5 — Migrate to a fixed release
- Release 14 (first fixed: 14SU5 or apply patch file:1)
- Release ciscocm.cuc.CSCwr29208_C0266-v2.zip (first fixed: 15)
- Release 15SU4 (Mar 2026) or apply patch file:1 (first fixed: ciscocm.cuc.CSCwr29208_C0266-v2.zip)
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
- 14SU5 or apply patch file:1
- 15
- ciscocm.CSCwr21851_Remote_Code_Execution_v1.zip
- ciscocm.cuc.CSCwr29208_C0266-v2.zip
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Mitigation checklist
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 12.5: migrate to a fixed release.
- Release 14: upgrade to 14SU5 or apply patch file:1.
- Release ciscocm.CSCwr21851_Remote_Code_Execution_v1.zip: upgrade to 15.
- Release 15SU4 or apply patch file:1: upgrade to ciscocm.CSCwr21851_Remote_Code_Execution_v1.zip.
- Release 12.5: migrate to a fixed release.
- Release 14: upgrade to 14SU5 or apply patch file:1.
- Release ciscocm.cuc.CSCwr29208_C0266-v2.zip: upgrade to 15.
- Release 15SU4 (Mar 2026) or apply patch file:1: upgrade to ciscocm.cuc.CSCwr29208_C0266-v2.zip.
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.