Hackers exploit serious Cisco vulnerability to steal 110 million passwords from business communications systems.
Security researchers have uncovered a serious weakness in Cisco's business phone and communications software that attackers are actively exploiting. The vulnerability, identified as CVE-2026-20230, allows criminals to bypass normal security protections and steal user login credentials at an alarming scale. Early reports suggest that approximately 110 million user accounts may have had their passwords compromised during this campaign.
The affected systems are Cisco Unified Communications Manager and its variant called Unified CM SME—both widely deployed in corporate offices, hospitals, universities, and government agencies worldwide. These platforms handle internal phone systems, video conferencing, and instant messaging for millions of employees globally. When security researchers assigned a risk rating to this flaw, they gave it a score of 8.6 out of 10, placing it in the "critical" category where immediate action becomes necessary.
Think of your communications system like a locked building with a front desk that verifies who you are before letting you inside. This vulnerability is like someone discovering that the front desk worker accepts fake identification without checking carefully. An attacker can walk up, present false credentials, and the system grants them access as if they were legitimate employees.
What makes this particularly dangerous is that once criminals obtain valid login information, they gain access to internal communications—emails, messages, call records, and sensitive business conversations. For companies, this is like someone gaining access to all phone calls and private office discussions.
If your organization uses Cisco's communications platform, your credentials are potentially at risk. This isn't a theoretical problem happening somewhere else—attackers are actively using this weakness right now to harvest passwords.
For IT administrators: Immediately check if your organization runs either version of Cisco Unified Communications Manager. Contact your Cisco account representative for security patches and apply them as soon as they become available. Monitor your systems for signs of unauthorized access.
For all employees: Be aware that if your company uses this system, your password may be compromised. Don't assume your credentials are safe. Watch for suspicious login attempts and unusual account activity. Enable multi-factor authentication wherever available—this adds an extra security lock that makes stolen passwords much less useful to attackers.
General best practice: Change your password for this system and any other services that share the same login credentials. Use complex, unique passwords that you don't repeat elsewhere.
This incident reminds us that even enterprise-grade software from major vendors can harbor serious security problems, making constant vigilance and rapid response essential for protecting digital assets.
Want to understand the technology behind this story? ITVedas has beginner-friendly guides on every IT topic.
Explore IT Chapters →