CISA sets urgent deadline to fix Cisco flaw exploited in attacks

SecurityVulnerabilityCybersecurityCISA

CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a vulnerability in Cisco Unified Communications Manager Server that is being actively exploited.

Identified as CVE-2026-20230, the security issue is server-side request forgery (SSRF) and has been added to the agency's catalog of Known Exploited Vulnerabilities (KEV).

Per Binding Operational Directive (BOD) 26-04, the remediation is deemed urgent and must addressed by Sunday, June 28.

image

Cisco marked CVE-2026-20230 with critical severity and released a patch on June 3, warning that it could be exploited remotely and without authentication via specially crafted HTTP requests.

At the time, the company noted that a proof-of-concept exploit existed, but had found no evidence of active exploitation.

Last weekend, threat detection startup Defused observed the vulnerability being exploited in attacks to write arbitrary text files to affected endpoints.

It is currently unknown what type of threat actor is leveraging CVE-2026-20230 in attacks.

Critical flaw in PLM products

CISA has also added CVE-2026-12569 to the KEV catalog, an improper input validation flaw impacting the PTC Windchill and FlexPLM software products.

Both are product lifecycle management (PLM) systems developed by PTC specifically for the manufacturing, engineering, retail, footwear, apparel, and consumer products industries.

CVE-2026-12569 is a critical-severity remote code execution (RCE) vulnerability that can be exploited through the deserialization of untrusted data.

PTC disclosed the issue on June 18 and published a security advisory, pointing customers to the complete list of vulnerable Windchill and FlexPLM versions and urging them to immediately take remediation steps.

According to the vendor, the flaw affects all versions up to 11.0 and multiple versions of the 11.1, 11.2, 12.0, 12.1, and 13.0 release branches.

CISA set the same June 28 deadline for federal agencies to patch CVE-2026-12569.

Agencies and organizations bound by BOD 26-04 should take immediate action to secure their systems by applying available security updates and vendor-recommended mitigations, or stop using the products mentioned by the set deadline.

Test every layer before attackers do

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Synology issues critical fix for MailPlus Server vulnerabilities

Polymarket customers lose $3 million in supply-chain attack

Top News:

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft links Mastra AI supply chain attack to North Korean hackers

 June 20, 2026
Steam Workshop abused to spread malware via Wallpaper Engine app

Steam Workshop abused to spread malware via Wallpaper Engine app

 June 16, 2026
CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

 June 8, 2026
Microsoft says Windows 11 26H2 is coming soon, details upgrade process

Microsoft says Windows 11 26H2 is coming soon, details upgrade process

 June 22, 2026
Windows 11 KB5095093 update rolls out new Point-in-Time restore feature

Windows 11 KB5095093 update rolls out new Point-in-Time restore feature

 June 23, 2026
Max severity Ivanti Sentry vulnerability now exploited in attacks

Max severity Ivanti Sentry vulnerability now exploited in attacks

 June 11, 2026