
Cisco Unified Communications Manager (CUCM) Remote Code Execution (cisco-sa-voice-rce-mORhqY4b)

23 Jan 2026. Reported by Tenable. Type: nessus. Source: www.tenable.com

Unauthenticated remote code execution on Cisco Unified Communications Manager products via crafted HTTP requests, enabling root access.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(296364);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/02");

  script_cve_id("CVE-2026-20045");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwr21851");
  script_xref(name:"CISCO-SA", value:"cisco-sa-voice-rce-mORhqY4b");
  script_xref(name:"IAVA", value:"2026-A-0082");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2026/02/11");

  script_name(english:"Cisco Unified Communications Manager (CUCM) Remote Code Execution (cisco-sa-voice-rce-mORhqY4b)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, the remote Cisco Unified Communications Manager is affected by a remote code
execution vulnerability:

  - A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session
    Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P),
    Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker
    to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to
    improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending
    a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful
    exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate
    privileges to root. (CVE-2026-20045)

Please see the included Cisco BID and Cisco Security Advisory for more information.");
  # https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3417e480");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwr21851");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwr21851.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-20045");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/01/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/01/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/23");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unified_communications_manager");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_ucm_detect.nbin");
  script_require_keys("Host/Cisco/CUCM/Version");

  exit(0);
}

include('ccf.inc');

var product_info = cisco::get_product_info(name:'Cisco Unified Communications Manager');

var version_active = get_kb_item('Host/Cisco/show_version_active');
if ('CSCwr21851' >< version_active)
  audit(AUDIT_HOST_NOT, 'affected due to an installed security patch');

var vuln_ranges = [
  {'min_ver':'12.5', 'fix_ver':'12.9999'},
  {'min_ver':'14', 'fix_ver':'14.0.1.15900'},
  {'min_ver':'15', 'fix_ver':'15.0.1.14900'}
];

var reporting = make_array(
  'port'          , 0,
  'severity'      , SECURITY_HOLE,
  'version'       , product_info['version'],
  'bug_id'        , 'CSCwr21851',
  'fix'           , 'See vendor advisory',
  'disable_caveat', TRUE
);

cisco::check_and_report(product_info:product_info, reporting:reporting, vuln_ranges:vuln_ranges);
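The plugin's decision logic (patch marker first, then version ranges) restated as an added Python example for triaging an exported inventory offline; it is not Tenable's code. It assumes `cisco::check_and_report` flags a version when min_ver <= version < fix_ver, and the host names, inventory rows and patch-name string are constructed.

```python
# Assumption: a version is flagged when min_ver <= version < fix_ver.
VULN_RANGES = [
    {"min_ver": "12.5", "fix_ver": "12.9999"},
    {"min_ver": "14", "fix_ver": "14.0.1.15900"},
    {"min_ver": "15", "fix_ver": "15.0.1.14900"},
]
PATCH_MARKER = "CSCwr21851"


def parse_version(text):
    """Turn '14.0.1.13900-155' into (14, 0, 1, 13900, 155) so fields compare numerically."""
    parts = text.strip().replace("-", ".").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def in_range(version, rng):
    # Zero-pad all three tuples to one width so '15' and '15.0' compare equal.
    v, lo, hi = (parse_version(x) for x in (version, rng["min_ver"], rng["fix_ver"]))
    width = max(len(v), len(lo), len(hi))
    v, lo, hi = (t + (0,) * (width - len(t)) for t in (v, lo, hi))
    return lo <= v < hi


def triage(host):
    """Return 'patched', 'vulnerable' or 'not affected' for one inventory row."""
    # Same order as the plugin: an installed fix for the bug ID wins over the version.
    if PATCH_MARKER in host.get("show_version_active", ""):
        return "patched"
    if any(in_range(host["version"], r) for r in VULN_RANGES):
        return "vulnerable"
    return "not affected"


# Constructed inventory rows (not real hosts or real patch file names).
INVENTORY = [
    {"name": "cucm-a", "version": "14.0.1.13900-155", "show_version_active": ""},
    {"name": "cucm-b", "version": "14.0.1.13900-155",
     "show_version_active": "constructed-patch-name-CSCwr21851"},
    {"name": "cucm-c", "version": "15.0.1.14900-1", "show_version_active": ""},
    {"name": "cucm-d", "version": "12.5.1.10000-22", "show_version_active": ""},
]


def report(rows=INVENTORY):
    return {row["name"]: triage(row) for row in rows}
```

Every 12.5 build falls inside the first range because its `fix_ver` of 12.9999 is a sentinel rather than a release, which matches the plugin reporting the fix as "See vendor advisory".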
