Vulnerability Report

CVE-2026-20223

RCE

Title: Unauthenticated API Access in Cisco Secure Workload

RCE

Proof Of Concept

PoC Available for CVE-2026-20223

CWE Category CWE-306

Published Date May 20, 2026

Modified Date May 20, 2026

Exploit Status Available

Score 10.0 CVSS v3.1

Exploit Probability (EPSS)

0.89%

Vulnerability Summary

CVE-2026-20223: A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user. 

Impacted Vendors

Analysis in Progress...

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy

CVSS v3.1

Source Entity [email protected]

Severity CRITICAL

10.0

Attack Vector

NETWORK

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

CHANGED

RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2026-20223 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/HORKimhab/CVE-2026-20223

View Code

May 20, 2026 MODIFIED

Vulnerability data updated via NVD.

Attack Vector Matrix

Access Vector NETWORK

Complexity LOW

Privileges N/A

Interaction NONE

CVSS Vector String


                                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Stack

No specific products linked.