Vulnerabilities
Cisco Secure Workload Has a CVSS 10.0 Flaw — Unauthenticated Attackers Can Seize Site Admin of the Tool Built to Contain Them
Cisco patched CVE-2026-20223, a CVSS 10.0 flaw in Cisco Secure Workload: insufficient authentication on internal REST API endpoints lets an unauthenticated attacker seize Site Admin — full control of the microsegmentation platform built to contain attackers.