Date: 2026/05/25

【Vulnerability Alert】Critical Security Vulnerability Found in Cisco Secure Workload (CVE-2026-20223)

  • Subject: 【Vulnerability Alert】Critical Security Vulnerability Found in Cisco Secure Workload (CVE-2026-20223)


  • Description:
    • Forwarded from Taiwan Computer Emergency Response Team / Coordination Center Security Alert TWCERTCC-200-202605-00000013
    • An unauthorized API access vulnerability (CVE-2026-20223, CVSS: 10.0) exists in Cisco Secure Workload, which could allow an unauthenticated remote attacker to access website resources with Site Admin privileges.
  • Affected Platforms:
    • Cisco Secure Workload versions 3.9 and earlier
    • Cisco Secure Workload versions prior to 3.10.8.3
    • Cisco Secure Workload versions prior to 4.0.3.17
  • Recommended Actions:
    • Please update to Cisco Secure Workload versions 3.10.8.3 and later, or Cisco Secure Workload versions 4.0.3.17 and later
  • References:
    1. https://www.twcert.org.tw/tw/cp-169-10913-16db1-1.html

Computer and Communication Center
Network Systems Division