Overview
- Cisco released fixes for its Secure Workload product covering the cloud SaaS instance and on‑prem Cluster Software with fixed releases such as 3.10.8.3 and 4.0.3.17.
- The flaw, tracked as CVE-2026-20223 and rated CVSS 10.0, stems from insufficient validation and authentication of internal REST API endpoints and lets crafted requests act with Site Admin privileges.
- A successful exploit could let an attacker read sensitive data and change configurations across tenant boundaries because the vulnerability elevates privileges at the API layer.
- Cisco’s Product Security Incident Response Team reports no evidence of active exploitation so far and says there are no workarounds, so upgrading is the primary mitigation.
- The disclosure follows recent, actively exploited Cisco vulnerabilities that drew CISA attention and raises pressure on organizations to patch quickly to reduce risk.