Cisco Unified Contact Center Express Vulnerabilities Let Remote Attacker Execute Malicious Code

Posted on By CWS

Cisco has disclosed a number of crucial vulnerabilities in Unified Contact Middle Categorical (CCX) that enable unauthenticated distant attackers to execute malicious code and escalate privileges.

The vulnerabilities have an effect on the Java Distant Technique Invocation (RMI) course of and authentication mechanisms, probably compromising complete contact heart deployments.

RCE and Authentication Bypass Vulnerability

The first vulnerability, CVE-2025-20354, has a crucial CVSS rating of 9.8, permitting attackers to add arbitrary recordsdata by way of the Java RMI course of with out authentication.

Profitable exploitation permits attackers to execute instructions with root privileges on affected programs.

The vulnerability stems from improper authentication mechanisms in Cisco Unified CCX, leaving organizations’ contact heart infrastructure uncovered to finish compromise.

Attackers can leverage this flaw to ascertain persistent entry, steal delicate buyer information, or deploy ransomware throughout complete contact heart networks.

CVE-2025-20358 presents an equally harmful authentication bypass affecting the CCX Editor software.

Rated 9.4 on the CVSS scale, this vulnerability permits attackers to redirect the authentication move to malicious servers, tricking the CCX Editor into believing respectable authentication occurred.

As soon as bypassed, attackers achieve administrative permissions to create and execute arbitrary scripts as inside non-root customers.

This dual-vulnerability mixture creates a classy assault chain that permits distant attackers to escalate privileges and preserve management over contact heart operations progressively.

CVE IDVulnerability TypeCVSS ScoreCVE-2025-20354Remote Code Execution9.8CVE-2025-20358Authentication Bypass9.4

Cisco has launched software program updates addressing each vulnerabilities, with no workarounds out there.

Organizations operating Unified CCX model 12.5 SU3 and earlier should improve instantly to model 12.5 SU3 ES07, whereas customers on model 15.0 should set up model 15.0 ES01.

The vulnerabilities have an effect on all Unified CCX configurations no matter deployment settings. Different Cisco merchandise, together with Unified Contact Middle Enterprise (CCE) and Packaged Contact Middle Enterprise, stay unaffected.

Comply with us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , , , , ,

Related Posts

Chinese ‘Salt Typhoon’ Hackers Hijacked US National Guard Network for Nearly a Year Cyber Security News
Hackers Sabotage Iranian Ships Using Maritime Communications Terminals in Its MySQL Database Cyber Security News
Threat Actors Attacking Linux SSH Servers to Deploy SVF Botnet Cyber Security News
Hackers Exploiting Critical Langflow Vulnerability to Deploy Flodrix Botnet and Take System Control Cyber Security News
Threat Actors Weaponizing Facebook and Google Ads as Financial Platforms to Steal Sensitive Data Cyber Security News
Cybersecurity Professionals Charged for Deploying ALPHV BlackCat Ransomware Against US Companies Cyber Security News