Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Key Points:
- Cisco has released patches for a critical security vulnerability (CVE-2026-20223) in its Secure Workload software that could allow unauthenticated remote attackers to access sensitive data and make configuration changes.
- The flaw stems from insufficient validation and authentication on REST API endpoints; an unauthenticated attacker could exploit it by sending crafted API requests to the affected endpoints and thereby operate with Site Admin privileges, which is what makes the data access and configuration changes possible.
- The vulnerability affects both SaaS and on-premises deployments of Cisco Secure Workload Cluster Software, and Cisco states no workarounds are available.
- Fixed versions include Secure Workload 3.10.8.3 (for the 3.10 train) and 4.0.3.17 (for the 4.0 train); users of earlier release trains are advised to migrate to one of the fixed releases.
- Cisco discovered the flaw during internal testing and has found no evidence of exploitation, though this disclosure follows a recent critical flaw in Cisco's Catalyst SD-WAN Controller that was actively exploited by threat actors.
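The fixed-version information above is the kind of fact that ends up in an inventory triage script. The following is an added example, not Cisco's tooling or anything from the advisory: it parses dotted Secure Workload version strings and reports, per release train, whether a cluster is at or beyond the fixed release. It assumes (as labelled in the code) that within the 3.10 train any version at or above 3.10.8.3 is fixed, that within the 4.0 train any version at or above 4.0.3.17 is fixed, that release trains earlier than 3.10 fall under the "migrate" guidance, and that any later train not named in the summary is reported as unknown rather than guessed at. The inventory lines are constructed sample data.

```python
"""Triage helper for CVE-2026-20223 (Cisco Secure Workload REST API flaw).

Added example, not Cisco's own tooling. Assumptions: the 3.10 train is fixed
from 3.10.8.3 onward and the 4.0 train from 4.0.3.17 onward (per the advisory
summary); trains earlier than 3.10 need migration; any other train is "unknown".
"""
from __future__ import annotations

# Fixed release per train, as stated in the advisory summary (assumed to be
# "fixed-or-later within the train").
FIXED_BY_TRAIN: dict[tuple[int, int], tuple[int, ...]] = {
    (3, 10): (3, 10, 8, 3),
    (4, 0): (4, 0, 3, 17),
}

# Constructed sample inventory, not real hosts: hostname,deployment,version
SAMPLE_INVENTORY = """\
# hostname,deployment,version
tet-onprem-01,on-prem,3.10.8.3
tet-onprem-02,on-prem,3.10.7.1
tet-saas-tenant,saas,4.0.3.17
tet-lab-01,on-prem,4.0.2.5
tet-legacy,on-prem,3.9.1.6
tet-broken,on-prem,n/a
"""


def parse_version(text: str) -> tuple[int, ...]:
    """Parse '3.10.8.3' into (3, 10, 8, 3).

    Rejects anything that is not purely numeric dotted components so that a
    malformed inventory record is flagged instead of silently compared.
    """
    parts = text.strip().split(".")
    if len(parts) < 2 or any(not p.isdigit() for p in parts):
        raise ValueError(f"not a numeric dotted version: {text!r}")
    return tuple(int(p) for p in parts)


def triage(version: str) -> dict[str, object]:
    """Classify one version as fixed / vulnerable / migrate / unknown.

    Tuple comparison is lexicographic, so a shorter string such as '3.10.8'
    sorts below '3.10.8.3' and is correctly treated as not yet fixed.
    """
    v = parse_version(version)
    train = (v[0], v[1])
    fixed = FIXED_BY_TRAIN.get(train)
    if fixed is not None:
        status = "fixed" if v >= fixed else "vulnerable"
    elif train < min(FIXED_BY_TRAIN):
        status = "migrate"  # earlier train: advisory guidance is to move to a fixed release
    else:
        status = "unknown"  # train not covered by the summary above; consult the advisory
    return {
        "version": version,
        "train": f"{train[0]}.{train[1]}",
        "fixed_in": ".".join(map(str, fixed)) if fixed else None,
        "status": status,
    }


def summarize(inventory: str) -> dict[str, int]:
    """Count triage outcomes over CSV-style inventory lines (comments skipped)."""
    counts = {"fixed": 0, "vulnerable": 0, "migrate": 0, "unknown": 0, "malformed": 0}
    for line in inventory.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            _host, _deployment, version = (f.strip() for f in line.split(",", 2))
            status = str(triage(version)["status"])
        except ValueError:  # bad field count or unparsable version
            status = "malformed"
        counts[status] += 1
    return counts


if __name__ == "__main__":
    for line in SAMPLE_INVENTORY.splitlines()[1:]:
        host, _, ver = line.split(",", 2)
        try:
            print(f"{host:<18} {ver:<10} {triage(ver)['status']}")
        except ValueError as exc:
            print(f"{host:<18} {ver:<10} malformed ({exc})")
    print(summarize(SAMPLE_INVENTORY))
```

Because the affected product is also delivered as SaaS, the on-premises version check only covers part of the estate; for SaaS tenants the relevant question is whether the provider has rolled the fix, which this script cannot answer and which the advisory's SaaS notes should settle.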