Cisco confirmed that hackers are exploiting CVE-2026-20230, a Unified CM vulnerability allowing privilege escalation to root.