Access Validation Flaw in Cisco Secure Workload
CVE-2026-20223
Key Information:
- Vendor
Cisco
- Status
- Vendor
- CVE Published:
- 20 May 2026
Badges
What is CVE-2026-20223?
CVE-2026-20223 is a significant vulnerability affecting Cisco Secure Workload, a solution designed to enhance security and workload management within IT environments. This vulnerability arises from an access validation flaw in the internal REST APIs used by the platform. Due to insufficient authentication checks, an unauthenticated remote attacker could exploit this weakness by sending specially crafted API requests to access resources that are typically restricted. If exploited, the attacker could gain unauthorized access to sensitive data and exercise privileges equivalent to the Site Admin role, posing a severe risk to organizational integrity and security.
Potential impact of CVE-2026-20223
-
Unauthorized Access to Sensitive Resources: Exploiting this vulnerability allows attackers to access confidential information and resources, potentially leading to data breaches that compromise user privacy and operational confidentiality.
-
Uncontrolled Configuration Changes: With elevated privileges, attackers can alter configurations across tenant boundaries, which could disrupt services and lead to significant operational challenges.
-
Increased Risk of Escalation of Attack: The elevated access provided by this vulnerability can serve as a foothold for further attacks within the organization's infrastructure, leading to broader system compromise and potential deployment of malware.
Affected Version(s)
Cisco Secure Workload 2.2.1.41
Cisco Secure Workload 3.2.1.18
Cisco Secure Workload 3.3.2.50
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
/pcq/media/member_avatars/pcquest (1).png){kind=small}
PcquestCVE-2026-20223Cisco Secure Workload flaw turns defender tools into a security risk
Security: Cisco Secure Workload patch fixes CVE-2026-20223, a critical API flaw that could expose sensitive data, policy settings, and admin controls if left open.
3 weeks ago
It Security NewsCVE-2026-20223Critical Cisco Secure Workload Vulnerability Enables Unauthorized API Access - IT Security News
Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain unauthorized access to sensitive resources via internal APIs. The flaw, tracked as CVE-2026-20223, carries a maximum CVSS score of 10.0 and…Read more →
3 weeks ago
It Security NewsCVE-2026-20223Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security - IT Security News
Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain high-level administrative access to sensitive enterprise environments. The flaw, tracked as CVE-2026-20223, carries a maximum CVSS score of 10.0 and is…Read more →
3 weeks ago
References
CVSS V3.1
Timeline
- 📈
Vulnerability started trending
- 🟡
Public PoC available
- 📰
First article discovered by It Security News
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved