Cisco has patched a maximum-severity vulnerability in Secure Workload, its workload microsegmentation and protection platform, that lets an unauthenticated remote attacker reach internal REST API endpoints with the privileges of the Site Admin role. Tracked as CVE-2026-20223 and rated CVSS 10.0, the flaw was disclosed on May 21, 2026. There are no workarounds.

What happened

Secure Workload (the product formerly known as Tetration) is the platform many organizations deployed specifically to enforce zero-trust segmentation across data center and cloud workloads. CVE-2026-20223 is a flaw in the security tool itself: the access validation on Secure Workload’s internal REST APIs is insufficient, so authentication can be skipped entirely.

Per Cisco’s advisory, “a successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.” The attack is a single crafted API request to an affected endpoint. No credentials, no user interaction, no prior foothold — which is exactly the profile that earns a clean 10.0.

The important nuance: the bug is in the internal REST API surface, not the web management UI. Cisco found it during internal security testing and says there is no evidence of exploitation in the wild. That is cold comfort. Once a CVSS 10.0 advisory ships with version diffs attached, the gap between disclosure and a working request is measured in days, and an “internal” API is only internal until someone can route a packet to it.

Why it matters

Site Admin is the top of the tree in Secure Workload. An attacker at that level can read policy, inventory, and telemetry, then rewrite segmentation policy across tenant boundaries. In a multi-tenant deployment — a managed service provider, or a large enterprise carving business units into separate tenants — the cross-tenant scope means one request can compromise the segmentation posture of every tenant on the cluster.

Think through the blast radius. The platform you trusted to contain lateral movement becomes the instrument of it. An attacker who can flip policy can quietly open paths between workloads that your segmentation was specifically designed to keep apart, and the change looks like a legitimate admin action in the very tool you would use to investigate.

This also lands one week after CVE-2026-20182, a separate CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN Controller that is already being exploited in the wild by a threat actor tracked as UAT-8616. Two perfect-10 auth bypasses in Cisco infrastructure management planes inside eight days is a pattern worth flagging to whoever owns your patch SLAs.

Affected versions and fixes

The vulnerability affects Cisco Secure Workload Cluster Software on both SaaS and on-premises deployments, regardless of device configuration:

  • Release 3.9 and earlier — no fixed build; migrate to a fixed release.
  • Release 3.10 — fixed in 3.10.8.3.
  • Release 4.0 — fixed in 4.0.3.17.

SaaS customers should confirm with Cisco that their tenant has been moved to a fixed build rather than assuming it.
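As an added example (not Cisco's code and not part of the advisory), the following Python helper encodes the fixed-build table above and classifies a cluster's version string as fixed, affected, or not covered by the advisory. The dotted-version format and the cluster inventory dict are assumptions made for the example; the fixed builds themselves are the ones listed above.

```python
from typing import Dict, Tuple

# Fixed builds from Cisco's advisory for CVE-2026-20223, keyed by release train.
# Release 3.9 and earlier has no fixed build at all.
FIXED_BUILDS: Dict[Tuple[int, int], Tuple[int, ...]] = {
    (3, 10): (3, 10, 8, 3),
    (4, 0): (4, 0, 3, 17),
}
MIGRATION_TARGETS = "3.10.8.3 or 4.0.3.17"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '3.10.8.3' into (3, 10, 8, 3); tuples compare component-wise."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {version!r}")
    return tuple(int(p) for p in parts)


def triage(version: str) -> str:
    """Classify one cluster version against the advisory's fixed-build table."""
    v = parse_version(version)
    train = v[:2]
    if train < (3, 10):
        # 3.9 and earlier: no patched build exists on that train.
        return f"affected-no-fix: migrate to {MIGRATION_TARGETS}"
    fixed = FIXED_BUILDS.get(train)
    if fixed is None:
        # A train the advisory does not list (e.g. a future release): do not assume either way.
        return "unknown-train: not listed in the advisory; confirm with Cisco"
    if v >= fixed:
        return "fixed"
    # A short string such as '3.10.8' sorts below (3, 10, 8, 3) and is treated as unpatched.
    return "affected: upgrade to " + ".".join(str(n) for n in fixed)


def triage_inventory(clusters: Dict[str, str]) -> Dict[str, str]:
    """Apply triage() to a {cluster_name: version} inventory (an assumed inventory shape)."""
    return {name: triage(ver) for name, ver in clusters.items()}


if __name__ == "__main__":
    # Constructed inventory for illustration.
    sample = {
        "dc1-onprem": "3.10.8.1",
        "dc2-onprem": "4.0.3.17",
        "lab": "3.9.1.4",
        "saas-tenant": "4.0.2.9",
    }
    for name, status in triage_inventory(sample).items():
        print(f"{name:12s} {status}")
```

Anything that comes back as "fixed" still deserves a check against Cisco's portal rather than blind trust, particularly for SaaS tenants where the operator does not control the upgrade.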

What to do right now

Patch. There is no mitigating configuration and no workaround, so the only action that closes the hole is upgrading to 3.10.8.3 or 4.0.3.17. On-prem operators should treat this as an emergency change window — an internet-reachable or broadly routable Secure Workload cluster is the priority.

While you schedule the upgrade, restrict network reachability to the cluster’s API endpoints to known management subnets, and pull API and admin-action logs for any configuration changes or cross-tenant reads you cannot account for. If you run Secure Workload multi-tenant, audit current segmentation policy against your known-good baseline before and after patching.
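Two of the checks above, comparing current segmentation policy against a known-good baseline and looking for admin actions from outside the management subnets that touch more than one tenant, are shown below as an added Python example. This is illustration code, not anything from Cisco or Secure Workload: the policy-rule and audit-event record shapes are assumptions, and the sample data is constructed for the example.

```python
import ipaddress
from typing import Dict, List, Set, Tuple

# Constructed sample data. The record shapes below are assumptions for this
# example, not Secure Workload's actual policy export or audit-log format.
BASELINE_POLICY = [
    {"tenant": "tenant-a", "src": "web", "dst": "db", "port": 5432, "action": "ALLOW"},
    {"tenant": "tenant-a", "src": "any", "dst": "db", "port": 5432, "action": "DENY"},
    {"tenant": "tenant-b", "src": "app", "dst": "cache", "port": 6379, "action": "ALLOW"},
]
CURRENT_POLICY = [
    {"tenant": "tenant-a", "src": "web", "dst": "db", "port": 5432, "action": "ALLOW"},
    # The tenant-a default DENY is gone and a broad ALLOW has taken its place.
    {"tenant": "tenant-a", "src": "any", "dst": "db", "port": 5432, "action": "ALLOW"},
    {"tenant": "tenant-b", "src": "app", "dst": "cache", "port": 6379, "action": "ALLOW"},
]

# Subnets from which admin actions are expected (constructed value).
MGMT_SUBNETS = [ipaddress.ip_network("10.20.0.0/24")]

AUDIT_EVENTS = [  # constructed admin-action records
    {"ts": "2026-05-21T09:01:00Z", "user": "site-admin", "src_ip": "10.20.0.15",
     "tenant": "tenant-a", "action": "policy.update"},
    {"ts": "2026-05-21T11:42:07Z", "user": "site-admin", "src_ip": "203.0.113.77",
     "tenant": "tenant-a", "action": "policy.update"},
    {"ts": "2026-05-21T11:42:09Z", "user": "site-admin", "src_ip": "203.0.113.77",
     "tenant": "tenant-b", "action": "inventory.read"},
]

Rule = Tuple[str, str, str, int, str]


def _key(rule: dict) -> Rule:
    """Hashable form of a rule so two snapshots can be compared as sets."""
    return (rule["tenant"], rule["src"], rule["dst"], int(rule["port"]), rule["action"])


def diff_policy(baseline: List[dict], current: List[dict]) -> Dict[str, Dict[str, List[Rule]]]:
    """Per tenant, rules present now but not in the baseline ('added') and the reverse ('removed').
    Tenants with no drift do not appear in the result."""
    base: Set[Rule] = {_key(r) for r in baseline}
    cur: Set[Rule] = {_key(r) for r in current}
    report: Dict[str, Dict[str, List[Rule]]] = {}
    for rule in sorted(base ^ cur):  # symmetric difference: drift in either direction
        bucket = "added" if rule in cur else "removed"
        report.setdefault(rule[0], {"added": [], "removed": []})[bucket].append(rule)
    return report


def unexpected_admin_events(events: List[dict], mgmt_subnets) -> Dict[str, dict]:
    """Admin actions whose source IP is outside the management subnets, grouped by IP.
    'cross_tenant' is set when one source touched more than one tenant."""
    flagged: Dict[str, dict] = {}
    for ev in events:
        ip = ipaddress.ip_address(ev["src_ip"])
        if any(ip in net for net in mgmt_subnets):
            continue
        entry = flagged.setdefault(ev["src_ip"], {"tenants": set(), "actions": []})
        entry["tenants"].add(ev["tenant"])
        entry["actions"].append((ev["ts"], ev["user"], ev["tenant"], ev["action"]))
    for entry in flagged.values():
        entry["cross_tenant"] = len(entry["tenants"]) > 1
    return flagged


if __name__ == "__main__":
    for tenant, drift in diff_policy(BASELINE_POLICY, CURRENT_POLICY).items():
        print(f"[{tenant}] added={drift['added']} removed={drift['removed']}")
    for src, entry in unexpected_admin_events(AUDIT_EVENTS, MGMT_SUBNETS).items():
        print(f"[{src}] cross_tenant={entry['cross_tenant']} actions={entry['actions']}")
```

Run the policy diff once before the upgrade and again after it; drift that appears between the two snapshots, or any off-network source that shows up with `cross_tenant` set, is what the incident review should start from.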

Cisco’s advisory is published as cisco-sa-csw-pnbsa-g8WEnuy on the Cisco Security Advisories portal.