Max severity Cisco Secure Workload flaw gives Site Admin privileges

Cisco has released security updates to address a maximum-severity Secure Workload vulnerability that allows attackers to gain Site Admin privileges. Formerly known as Cisco Tetration, Cisco Secure Workload helps admins reduce their network's attack surface through zero trust microsegmentation and stop lateral movement to keep business applications safe. Tracked as CVE-2026-20223, the security flaw was found in Secure Workload's internal REST APIs, and it enables unauthenticated attackers to access resources with the privileges of the Site Admin role. "This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint," Cisco explained in a Wednesday advisory. "A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user." Cisco says there are no workarounds for this security flaw, has released software updates to patch it for on-premises customers, and has already addressed it in the cloud-based Cisco Secure Workload SaaS deployment. The company also added that its Product Security Incident Response Team (PSIRT) has not found evidence that the vulnerability has been exploited in the wild before publishing this week's advisory. Earlier this month, Cisco warned that another maximum severity authentication bypass...