The flaws, tracked as CVE-2025-20354 and CVE-2025-20358, affect the Java Remote Method Invocation (RMI) process and CCX Editor application, respectively.
Both vulnerabilities stem from improper authentication mechanisms and carry CVSS base scores of 9.8 and 9.4, earning a “Critical” severity rating from Cisco.
CVE-2025-20354 represents the more severe threat, enabling remote attackers to upload malicious files through the Java RMI process without authentication.
Successful exploitation enables attackers to execute arbitrary commands on the underlying operating system with root privileges, granting complete system control.
CVE-2025-20358 targets the CCX Editor application, allowing attackers to circumvent authentication by redirecting the authentication flow to a malicious server.
This tricks the CCX Editor into granting administrative permissions for script creation and execution. While exploitation results in access as an internal non-root user rather than root, attackers can still create and execute arbitrary scripts on the affected server.
The vulnerabilities affect all Cisco Unified CCX deployments regardless of configuration. Cisco has confirmed that related products, including Packaged Contact Center Enterprise and Unified Contact Center Enterprise, are not impacted by these flaws.
The authentication bypass in CVE-2025-20358 exploits weaknesses in communication protocols between the CCX Editor and Unified CCX servers, while CVE-2025-20354 leverages insufficient validation in the Java RMI process to enable arbitrary file uploads.
Cisco has released patches for affected versions:
No workarounds are available to mitigate these vulnerabilities. Cisco strongly recommends that organizations running affected versions upgrade to the fixed releases immediately to remediate the security risks fully.
Organizations using Cisco Unified CCX should prioritize patching these vulnerabilities given their critical severity and the potential for unauthenticated remote code execution.
The Cisco Product Security Incident Response Team reports no evidence of active exploitation or public proof-of-concept code at this time, providing a window for proactive remediation.
System administrators should verify their current Unified CCX versions and schedule maintenance windows to apply the security updates. Given the lack of workarounds, patching remains the only effective defense against these vulnerabilities.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Multiple vulnerabilities in Cisco Unified CCX Allow Attackers to Execute Arbitrary Commands appeared first on Cyber Security News.
ABILENE, Texas (KTAB/KRBC) – Texas State Technical College (TSTC) in Abilene is now offering specialized…
ABILENE, Texas (KTAB/KRBC) - An arrest has been made in connection with a north Abilene…
BIG COUNTRY, Texas (KTAB/KRBC) - In this episode of Carter and Kat’s Weather Chat, our…
ABILENE, Texas (KTAB/KRBC) - One person was injured in an accident in north Abilene on…
Nintendo has advised fans to ensure they have Resident Evil Requiem's day one patch installed…
The Marathon Server Slam is off to a quick start, with impressive player numbers on…
This website uses cookies.