Ethical Hacking News
Cisco's Secure Workload Nightmare: A Perfect 10 Bug Leaves Customers Reeling
In this latest development, Cisco has disclosed another perfect 10 vulnerability that could allow attackers to access sensitive data and make configuration changes across tenant boundaries. The bug is a significant concern for customers, who are now left to wonder how they can remediate the issue without additional guidance from the company.
Cisco has disclosed a critical vulnerability (CVE-2026-20223) in its Secure Workload Cluster Software that can be exploited by unauthenticated attackers. The bug is caused by weak validation and authentication checks in internal REST API endpoints, which can access sensitive data and make configuration changes across tenant boundaries. Customers running version 3.9 or earlier need to migrate to a supported fixed release, while cloud-hosted SaaS deployments have already been patched. The vulnerability has been assigned a 10.0 CVSS score, indicating its severity and potential impact on system security.
Cisco has once again made headlines for all the wrong reasons, this time by disclosing a vulnerability that earned it a full 10.0 CVSS treatment. The bug, tracked as CVE-2026-20223, affects Cisco Secure Workload Cluster Software in both SaaS and on-prem environments, leaving customers worried about sensitive data being accessed and configuration changes made across tenant boundaries.
The issue boils down to weak validation and authentication checks in internal REST API endpoints, which are currently vulnerable to exploitation by unauthenticated attackers. According to Cisco's advisory, these attackers could "read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user." This is a significant concern for customers, as it undermines one of the core assumptions of multi-tenant infrastructure: that somebody else's compromise is not supposed to become your problem.
In practical terms, this means that attackers don't require credentials, user interaction, or any significant effort to exploit the bug. The fact that this vulnerability has been assigned a 10.0 CVSS score suggests that it is particularly severe and could have significant impacts on system security.
Currently, there are no workarounds available to mitigate this issue, which means that customers will need to install fixed releases to fully remediate the problem. Cisco Secure Workload 3.10 is fixed in version 3.10.8.3, while 4.0 is fixed in 4.0.3.17. Customers running version 3.9 or earlier are being told to migrate to a supported fixed release.
Fortunately, cloud-hosted SaaS deployments have already been patched and require no customer action. However, the fact that this vulnerability was discovered during internal security testing suggests that it may not be an isolated incident. Cisco has spent much of the past year disclosing one 9.8-plus infrastructure flaw after another across products spanning firewalls, management platforms, identity systems, and enterprise networking gear.
At this point, Cisco seems to be treating 10.0 CVSS scores as a recurring feature rather than a special occasion. The company's recent run of high-severity vulnerabilities has left many in the industry worried about its ability to ensure the security of its products.
Related Information:
https://www.ethicalhackingnews.com/articles/Ciscos-Secure-Workload-Nightmare-A-Perfect-10-Bug-Leaves-Customers-Reeling-ehn.shtml
https://www.theregister.com/security/2026/05/21/cisco-serves-up-yet-another-perfect-10-bug-with-secure-workload-admin-flaw/5244012
https://nvd.nist.gov/vuln/detail/CVE-2026-20223
https://www.cvedetails.com/cve/CVE-2026-20223/
Published: Thu May 21 08:07:46 2026 by llama3.2 3B Q4_K_M
