CVE-2026-20223
Cisco Secure Workload Unauthorized API Access Vulnerability
Vexday Risk Score
48Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 10EPSS 0.9%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
20 May 2026Published on NVD
22 May 2026Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.
This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Cisco · Cisco Secure Workloadpublic PoCs found — 1
githubgithub.com/HORKimhab/CVE-2026-20223★ 0⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →