【Vulnerability Alert】Critical Security Vulnerability Found in Cisco Secure Workload (CVE-2026-20223)

• Subject: 【Vulnerability Alert】Critical Security Vulnerability Found in Cisco Secure Workload (CVE-2026-20223)

• Description:
  • Forwarded from Taiwan Computer Emergency Response Team / Coordination Center Security Alert TWCERTCC-200-202605-00000013
  • An unauthorized API access vulnerability (CVE-2026-20223, CVSS: 10.0) exists in Cisco Secure Workload, which could allow an unauthenticated remote attacker to access website resources with Site Admin privileges.
• Affected Platforms:
  • Cisco Secure Workload versions 3.9 and earlier
  • Cisco Secure Workload versions prior to 3.10.8.3
  • Cisco Secure Workload versions prior to 4.0.3.17
• Recommended Actions:
  • Please update to Cisco Secure Workload versions 3.10.8.3 and later, or Cisco Secure Workload versions 4.0.3.17 and later
• References:
  1. https://www.twcert.org.tw/tw/cp-169-10913-16db1-1.html

Computer and Communication Center
Network Systems Division