Cisco Unified Communications Manager and Unified CM SME are under active exploitation via an unauthenticated SSRF vulnerability that chains to root-level arbitrary file writes. A public proof-of-concept is available and reconnaissance activity is confirmed, with EPSS at the 97.7th percentile. A companion arbitrary file write vulnerability in Catalyst SD-WAN Manager broadens the blast radius across Cisco’s unified communications and WAN management estate.