The vulnerabilities affect the Java Remote Method Invocation (RMI) process and authentication mechanisms, potentially compromising entire contact center deployments.
The primary vulnerability, CVE-2025-20354, has a critical CVSS score of 9.8, allowing attackers to upload arbitrary files via the Java RMI process without authentication.
Successful exploitation allows attackers to execute commands with root privileges on affected systems.
The vulnerability stems from improper authentication mechanisms in Cisco Unified CCX, leaving organizations’ contact center infrastructure exposed to complete compromise.
Attackers can leverage this flaw to establish persistent access, steal sensitive customer data, or deploy ransomware across entire contact center networks.
CVE-2025-20358 presents an equally dangerous authentication bypass affecting the CCX Editor application.
Rated 9.4 on the CVSS scale, this vulnerability allows attackers to redirect the authentication flow to malicious servers, tricking the CCX Editor into believing legitimate authentication occurred.
Once bypassed, attackers gain administrative permissions to create and execute arbitrary scripts as internal non-root users.
This dual-vulnerability combination creates a sophisticated attack chain that allows remote attackers to escalate privileges and maintain control over contact center operations progressively.
| CVE ID | Vulnerability Type | CVSS Score |
|---|---|---|
| CVE-2025-20354 | Remote Code Execution | 9.8 |
| CVE-2025-20358 | Authentication Bypass | 9.4 |
Cisco has released software updates addressing both vulnerabilities, with no workarounds available.
Organizations running Unified CCX version 12.5 SU3 and earlier must upgrade immediately to version 12.5 SU3 ES07, while users on version 15.0 must install version 15.0 ES01.
The vulnerabilities affect all Unified CCX configurations regardless of deployment settings. Other Cisco products, including Unified Contact Center Enterprise (CCE) and Packaged Contact Center Enterprise, remain unaffected.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Cisco Unified Contact Center Express Vulnerabilities Let Remote Attacker Execute Malicious Code appeared first on Cyber Security News.
Battlefield 6 players think they’ve discovered that one of the three maps coming in Season…
A new trailer for Dragon Ball Super: Beerus has arrived, teasing a look at not…
Bandai Namco has announced Dragon Ball Xenoverse 3 for PC via Steam, PlayStation 5, and…
ABILENE, Texas (KTAB/KRBC) – Abilene City Council Place 4 candidate Tammy Fogle is sharing her…
A new weekend has arrived, and today, you can save big on Apple AirTags, 4K…
Director Joe Russo has confirmed the upcoming Avengers: Endgame re-release will include new footage that…
This website uses cookies.