New exploits for Cisco Unified Communications, Microsoft Windows Notepad, WinRAR, sudo, Git, and Apache Spark.

Happy Friday! The following are the Initial Access Intelligence team's deliverables for the past week.

CVE-2026-20045: Cisco Unified Communications Unauthenticated SQL Injection

This week, the team added an exploit for an unauthenticated blind SQL injection vulnerability affecting Cisco Unified CM, Unified CM SME, IM&P, Unity Connection, and Webex Calling Dedicated Instance. CVE-2026-20045 targets the SSO service provider endpoint, where Authorization: Bearer tokens are interpolated directly into queries against the backing IBM Informix database. The injection is time-based: the exploit calibrates a timing oracle, uses Informix's extractvalue() to read the AES decryption key from disk via XXE, extracts encrypted admin credentials, and decrypts them offline.

While Cisco's advisory classifies this as RCE, our team only confirmed SQL injection and credential extraction. This SQLi may be the first step in a larger chain, but further post-auth steps remain unvalidated. CVE-2026-20045 was exploited as a zero-day by as-yet unattributed threat actors. A few hundred instances appear to be exposed online, and GreyNoise is tracking exploitation attempts. The team delivered an exploit, PCAPs, and updated network signatures for CVE-2026-20045.

CVE-2026-20841: Microsoft Windows Notepad Improper Neutralization Command Injection

The team developed an exploit for CVE-2026-20841, a recently disclosed vulnerability in Microsoft Notepad versions 11.0.0 through 11.2510. Affected versions improperly handle certain URI schemes when parsing links in Markdown files, which can result in unintended code execution. The vulnerability isn't yet known to be exploited in the wild. Our exploit comes with a Sigma rule and an EVTX file.

CVE-2025-6218: RARLAB WinRAR Directory Traversal

Continuing our week of local exploits, the team developed an exploit for WinRAR < 7.12 that has been reported exploited by at least four named threat actors, including Russian and Indian APTs. Vulnerable versions of WinRAR allow paths to be traversed on extraction of files, which can be used to achieve RCE via Windows Startup paths or via Word template injection. This vulnerability was added to the VulnCheck KEV on August 8, 2025; CISA KEV added it four months later. Our exploit includes an EVTX event log, a Sigma rule, and a YARA rule to detect malicious RAR files.

CVE-2025-32463: sudo LPE via Chroot

The team added an exploit for CVE-2025-32463, a local privilege escalation in sudo versions prior to 1.9.17p2. A local user can exploit path confusion in sudo's --chroot handling to load a shared object and escalate to root. The vulnerability was added to both VulnCheck KEV and CISA KEV on September 29, 2025, though the threat actor(s) exploiting it in the wild remain unattributed; at time of writing, there are more than 65 known exploits for this vulnerability. While this is a local privilege escalation and therefore ASM data isn't available, sudo is nearly ubiquitous across Linux environments: any unpatched system where a user can invoke sudo with --chroot is at risk. The team provided an exploit (which supports both a precompiled shared object and on-target compilation), a version check, and a YARA rule for detecting the malicious C source.

CVE-2025-48384: Git-SCM Git Unquoted Carriage Return Submodule Config Code Execution

The team also added an exploit for a local vulnerability affecting non-Windows Git clients. Git's mishandling of carriage return (CR) characters in parsing repository configs permits arbitrary code execution upon a recursive clone of a specially crafted repository. Due to the need for a recursive clone to be executed, attackers have employed sophisticated social engineering tactics for successful exploitation. Per an August 2025 report from KuCoin, Lazarus Group was identified leveraging CVE-2025-48384 in a phishing campaign targeting financial institution employees. CVE-2025-48384 was added to both the VulnCheck KEV and CISA KEV on August 25, 2025.

Our exploit comes with a Docker target and a PCAP demonstrating successful exploitation.
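The check below is an added example, not part of the team's deliverables: it scans a repository's .gitmodules for path or url values that contain a carriage return or another control byte, which is the precondition the CR-handling bug above relies on. The sample .gitmodules content is constructed, and the parser is a deliberately simplified, regex-based reading of Git's config syntax (quoted values are unwrapped but escape sequences are not decoded).

```python
import re

# Constructed sample .gitmodules, kept as bytes so the raw carriage return
# (0x0D) inside the second submodule's quoted path survives intact.
SAMPLE_GITMODULES = (
    b'[submodule "lib/good"]\n'
    b'\tpath = lib/good\n'
    b'\turl = https://example.invalid/good.git\n'
    b'[submodule "lib/odd"]\n'
    b'\tpath = "lib/odd\r"\n'
    b'\turl = https://example.invalid/odd.git\n'
)

_SECTION = re.compile(rb'^\s*\[submodule\s+"(.*)"\]\s*$')
_KV = re.compile(rb'^\s*(path|url)\s*=\s*(.*)$')   # '.' matches CR, not LF


def _unquote(value: bytes) -> bytes:
    """Drop surrounding double quotes but keep every byte inside them."""
    if len(value) >= 2 and value[:1] == b'"' and value[-1:] == b'"':
        return value[1:-1]
    return value


def find_suspicious_submodules(data: bytes):
    """Return (submodule name, key, raw value) for every path/url value
    that carries a control byte (CR, LF, NUL, ...) or DEL."""
    findings = []
    current = b'?'
    # Split on LF only: bytes.splitlines() would also split on CR and hide it.
    for line in data.split(b'\n'):
        m = _SECTION.match(line)
        if m:
            current = m.group(1)
            continue
        m = _KV.match(line)
        if not m:
            continue
        key, value = m.group(1), _unquote(m.group(2))
        if any(b < 0x20 or b == 0x7F for b in value):
            findings.append((current.decode('utf-8', 'replace'),
                             key.decode(), value))
    return findings


def scan_gitmodules(path: str):
    """Scan an on-disk .gitmodules (read as bytes, so CR is preserved)."""
    with open(path, 'rb') as fh:
        return find_suspicious_submodules(fh.read())


if __name__ == '__main__':
    for name, key, value in find_suspicious_submodules(SAMPLE_GITMODULES):
        print(f'submodule {name!r}: {key} contains control bytes: {value!r}')
```

Run it against each cloned repository's .gitmodules before `git submodule update`; a non-empty result is worth a manual look, and a quoted value ending in a raw CR is the exact shape the advisory describes.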

CVE-2022-33891: Apache Spark UI Unauthenticated Command Injection

Finally, the team added coverage for an unauthenticated command injection vulnerability in Apache Spark's Master UI. The vulnerability has been exploited in the wild by unattributed threat actors and at least three botnets—Kinsing, Zerobot, and RondoDox—since late 2022. Note that exploitation requires the non-default spark.acls.enable configuration, which limits the vulnerable surface area across roughly 3,000 exposed Spark instances online. The team delivered an exploit, a version scanner, PCAPs, network signatures, a target Docker container, and ASM queries.