A critical security advisory addresses a number of critical vulnerabilities in Cisco Unified Contact Center Express (Unified CCX) that could allow unauthenticated remote attackers to execute arbitrary commands and compromise affected systems.
The vulnerabilities were disclosed on November 5, 2025, and the advisory was updated on November 13, 2025. Two distinct vulnerabilities were identified in the Java Remote Method Invocation (RMI) process of Unified CCX.
| CVE ID | Affected Component | CVSS | Impact |
| --- | --- | --- | --- |
| CVE-2025-20354 | Cisco Unified CCX (Java RMI) | 9.8 | Allows unauthenticated attackers to upload files and run commands as root |
| CVE-2025-20358 | Cisco Unified CCX Editor | 9.4 | Lets attackers bypass login and gain admin access for script execution |
The first vulnerability, tracked as CVE-2025-20354, allows attackers to upload malicious files and execute arbitrary commands with root privileges on affected systems.
This flaw stems from improper authentication mechanisms associated with specific Unified CCX features.
Attackers can exploit the vulnerability by uploading crafted files via Java RMI without authentication, gaining full system control.
The second vulnerability, CVE-2025-20358, exists in the CCX Editor application and allows attackers to bypass authentication to obtain administrative permissions for script creation and execution.
Attackers can redirect the authentication flow to malicious servers, tricking the CCX Editor into believing authentication was successful.
This enables them to create and execute arbitrary scripts on the underlying operating system. Both vulnerabilities carry a Critical security impact rating: CVE-2025-20354 has a CVSS score of 9.8, while CVE-2025-20358 carries a CVSS score of 9.4.
No workarounds are available for either vulnerability.
Impact and Affected Versions
The vulnerabilities affect Cisco Unified CCX regardless of device configuration.
Cisco Unified Contact Center Enterprise (Unified CCE) and Packaged Contact Center Enterprise (Packaged CCE) are not affected.
Vulnerable versions include Cisco Unified CCX 12.5 SU3 and earlier, as well as version 15.0. Cisco has released fixed software addressing these issues: version 12.5 SU3 ES07 for the 12.5 branch and version 15.0 ES01 for the 15.0 branch.
Cisco strongly recommends upgrading to the latest patched software versions. Organizations should prioritize updating Unified CCX deployments to mitigate the risk of remote code execution attacks.
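As an added example, not part of the advisory or of any Cisco tooling, the following Python helper parses Unified CCX version strings in the layout used above (assumed format, e.g. "12.5 SU3 ES07", with an optional "(1)" maintenance token tolerated) and flags deployments that sit below the fixed releases the advisory names, so an inventory can be triaged for upgrade.

```python
import re
from typing import NamedTuple, Optional

class CcxVersion(NamedTuple):
    major: int
    minor: int
    su: int  # Service Update number, 0 when absent
    es: int  # Engineering Special number, 0 when absent

# Assumed string layout: "<major>.<minor>[(<maint>)] [SU<n>] [ES<n>]", case-insensitive.
_VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)(?:\(\d+\))?(?:\s*SU(\d+))?(?:\s*ES(\d+))?$", re.IGNORECASE
)

def parse_version(text: str) -> CcxVersion:
    """Turn a version string into a comparable (major, minor, su, es) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Unified CCX version string: {text!r}")
    major, minor, su, es = m.groups()
    return CcxVersion(int(major), int(minor), int(su or 0), int(es or 0))

# First fixed release per release train, as named in the advisory.
FIXED_RELEASES = {
    (12, 5): parse_version("12.5 SU3 ES07"),
    (15, 0): parse_version("15.0 ES01"),
}

def is_vulnerable(text: str) -> Optional[bool]:
    """True if below the fixed release, False if at or after it, None if the
    train is not covered by the advisory and needs a manual check."""
    v = parse_version(text)
    train = (v.major, v.minor)
    if train < (12, 5):
        return True  # "12.5 SU3 and earlier": older trains have no listed fix
    fixed = FIXED_RELEASES.get(train)
    if fixed is None:
        return None
    return v < fixed

def triage(inventory: dict) -> dict:
    """Map hostname -> verdict for an inventory of {host: version string}."""
    return {host: is_vulnerable(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {"ccx-a": "12.5 SU3", "ccx-b": "12.5(1)SU3 ES07",
              "ccx-c": "15.0", "ccx-d": "15.0 ES01"}
    for host, verdict in triage(sample).items():
        state = "needs upgrade" if verdict else ("ok" if verdict is False else "unknown")
        print(host, state)
```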
The vulnerabilities were reported by security researcher Jahmel Harris of the NATO Cyber Security Centre (NCSC). Currently, Cisco is not aware of any public exploits or active malicious use of these vulnerabilities in the wild.
