Cisco Patches Critical CVE-2026-20223 Vulnerability in Secure Workload Allowing Site Admin Privilege Compromise via REST API

279/69 Friday, May 22, 2026

Cisco has released security updates to address a maximum-severity vulnerability in Cisco Secure Workload, tracked as CVE-2026-20223 (CVSS 10.0). The vulnerability is caused by insufficient authentication and authorization validation in an internal REST API, allowing unauthenticated remote attackers to send specially crafted API requests to affected endpoints.

If successfully exploited, attackers could gain access to system resources with Site Admin privileges, enabling them to read sensitive information and modify configurations across tenant boundaries. Cisco stated that the vulnerability affects only the internal REST API and does not impact the web management interface. The issue affects both SaaS deployments and on-premises Cluster Software installations of Secure Workload.

Cisco has addressed the vulnerability in Secure Workload versions 3.10.8.3 and 4.0.3.17. At this time, the company stated that there is no evidence of active exploitation in the wild. System administrators are strongly advised to verify their current deployment versions and upgrade to the patched releases as soon as possible to reduce the risk of unauthorized system access.

Source: https://securityaffairs.com/192473/security/cisco-fixed-maximum-severity-flaw-cve-2026-20223-in-secure-workload.html