Attackers Exploit Critical Cisco CUCM Flaw Within 24 Hours of Disclosure

Attackers weaponized a critical flaw in Cisco Unified Communications Manager (CUCM) and Unified CM Session Management Edition (SME) within less than 24 hours of its disclosure. The vulnerability enables server-side request forgery (SSRF) and allows privilege escalation to root access on affected deployments. No specific CVE ID, technical exploit details, or exact date of exploitation were provided in the report. The flaw impacts Cisco’s enterprise communication and collaboration platforms, though the scope of affected systems remains unspecified. The rapid exploitation highlights the urgency for organizations to apply mitigations or patches.