By Sergiu Gatlan
Publication Date: 2026-04-16 12:01:00
Cisco has released security updates to patch four critical vulnerabilities, including a fixed improper certificate validation flaw in the company’s cloud-based Webex Services platform that requires further customer action.
Webex Services is a customer experience platform that unifies communication across hybrid work environments, enabling team members to call, meet, and message each other from any location or device.
Tracked as CVE-2026-20184, the Webex vulnerability was found in the single sign-on (SSO) integration with Control Hub (a web-based portal that helps IT admins manage Webex settings) and allows remote attackers with no privileges to impersonate any user.
“Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token,” Cisco explained in a Wednesday advisory. “A successful exploit could have allowed the attacker to gain unauthorized access to…
