CISA sets urgent deadline to fix Cisco flaw exploited in attacks

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to federal agencies to patch two recently discovered vulnerabilities within a tight deadline. The flaws, one of which is already being actively exploited by attackers, put sensitive systems at risk of compromise.

A server-side request forgery (SSRF) vulnerability in Cisco’s Unified Communications Manager Server has been identified as CVE-2026-20230 and marked with critical severity. This flaw can be exploited remotely and without authentication through specially crafted HTTP requests. Although Cisco released a patch on June 3, threat detection startup Defused observed the issue being used in attacks to write arbitrary text files to affected endpoints just last weekend.

The vulnerability has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, which lists issues that are being actively exploited by attackers. As a result, federal agencies have until Sunday, June 28, to apply the patch and ensure their systems are secure.

A second critical flaw, CVE-2026-12569, has also been added to the KEV catalog. This improper input validation issue affects product lifecycle management (PLM) software products from PTC, including Windchill and FlexPLM. The vulnerability is a remote code execution (RCE) flaw that can be exploited through the deserialization of untrusted data. PTC disclosed the issue on June 18 and urged customers to take remediation steps immediately.

Both vulnerabilities require prompt attention from federal agencies and organizations bound by CISA’s Binding Operational Directive (BOD) 26-04, which sets out strict guidelines for securing systems against known threats. The deadline for patching both flaws is set at Sunday, June 28, with agencies advised to apply available security updates and vendor-recommended mitigations or cease using the affected products altogether.
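The paragraphs above describe how a KEV listing turns into a patch deadline under the BOD. The following added example (not from the article, CISA or either vendor) shows how a defender can turn the KEV JSON export into a due-date triage list for the products in their own inventory. The field names match CISA's real KEV export; the feed entries, the inventory, the `dateAdded` values, the descriptions and the overdue placeholder entry `CVE-0000-00000` are all constructed for illustration. Only the two CVE ids, the vendors, the products and the June 28 due date come from the article.

```python
"""Triage a CISA KEV-style feed against a local asset inventory (added example)."""
import json
from datetime import datetime

# Constructed sample feed in the shape of the KEV JSON export. dateAdded values,
# descriptions and the CVE-0000-00000 placeholder are made up; the two real
# CVE ids, products and the 2026-06-28 due date are taken from the article.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "sample",
    "count": 3,
    "vulnerabilities": [
        {
            "cveID": "CVE-2026-20230",
            "vendorProject": "Cisco",
            "product": "Unified Communications Manager",
            "vulnerabilityName": "Cisco Unified Communications Manager SSRF Vulnerability",
            "dateAdded": "2026-06-25",  # constructed
            "shortDescription": "Unauthenticated SSRF via crafted HTTP requests.",
            "requiredAction": "Apply mitigations per vendor instructions or discontinue use.",
            "dueDate": "2026-06-28",
        },
        {
            "cveID": "CVE-2026-12569",
            "vendorProject": "PTC",
            "product": "Windchill and FlexPLM",
            "vulnerabilityName": "PTC Windchill and FlexPLM Improper Input Validation Vulnerability",
            "dateAdded": "2026-06-25",  # constructed
            "shortDescription": "Deserialization of untrusted data leading to RCE.",
            "requiredAction": "Apply mitigations per vendor instructions or discontinue use.",
            "dueDate": "2026-06-28",
        },
        {   # placeholder entry, present only to exercise the OVERDUE path
            "cveID": "CVE-0000-00000",
            "vendorProject": "ExampleVendor",
            "product": "ExampleProduct",
            "vulnerabilityName": "Placeholder",
            "dateAdded": "2026-05-01",
            "shortDescription": "Placeholder.",
            "requiredAction": "Placeholder.",
            "dueDate": "2026-06-01",
        },
    ],
})

# Constructed inventory: lowercase (vendor, product) pairs as an asset
# database might export them. The last item matches nothing in the feed.
SAMPLE_INVENTORY = [
    ("cisco", "unified communications manager"),
    ("ptc", "windchill"),
    ("examplevendor", "exampleproduct"),
    ("othervendor", "unrelated appliance"),
]


def load_kev(feed_text):
    """Parse a KEV export and return its list of vulnerability entries."""
    return json.loads(feed_text)["vulnerabilities"]


def _matches(entry, vendor, product):
    """Case-insensitive match of one inventory item against a KEV entry.

    KEV product strings often name several products ("Windchill and FlexPLM"),
    so the inventory product is matched as a substring of the catalog product.
    """
    return (vendor in entry["vendorProject"].lower()
            and product in entry["product"].lower())


def triage(entries, inventory, today):
    """Return one row per KEV entry that matches the inventory, most urgent first.

    today is an ISO date string. status is OVERDUE (due date passed),
    DUE_SOON (due within 7 days) or OK.
    """
    today_d = datetime.strptime(today, "%Y-%m-%d").date()
    rows = []
    for entry in entries:
        if not any(_matches(entry, v, p) for v, p in inventory):
            continue
        due = datetime.strptime(entry["dueDate"], "%Y-%m-%d").date()
        days_left = (due - today_d).days
        status = "OVERDUE" if days_left < 0 else "DUE_SOON" if days_left <= 7 else "OK"
        rows.append({
            "cveID": entry["cveID"],
            "product": f'{entry["vendorProject"]} {entry["product"]}',
            "dueDate": entry["dueDate"],
            "days_left": days_left,
            "status": status,
            "requiredAction": entry["requiredAction"],
        })
    rows.sort(key=lambda r: r["days_left"])  # stable: ties keep feed order
    return rows


if __name__ == "__main__":
    for row in triage(load_kev(SAMPLE_KEV_JSON), SAMPLE_INVENTORY, "2026-06-26"):
        print(f'{row["status"]:9} {row["cveID"]:16} due {row["dueDate"]} '
              f'({row["days_left"]:+d} d)  {row["product"]}')
```

Run against the real export by replacing `SAMPLE_KEV_JSON` with the downloaded catalog text and `SAMPLE_INVENTORY` with your asset list; the substring match on product names is deliberately loose so that a catalog entry covering several products still surfaces, at the cost of occasional false positives that an analyst can dismiss.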

These vulnerabilities are a stark reminder of the ongoing threat posed by unpatched software. Attackers will always seek out weaknesses in systems, so organizations need to stay on top of patches and updates to maintain their security posture.

All organizations, not just federal agencies, should prioritize patching these critical flaws within the same timeframe. Doing so significantly reduces the risk of compromise by attackers who are already exploiting these vulnerabilities.

Source: Bleeping Computer — 2026-06-26