The vulnerabilities reside in the Java Remote Method Invocation (RMI) process and pose significant risks to enterprise contact center deployments worldwide.
The vulnerabilities were first disclosed on November 5, 2025, and updated on November 13, 2025. Two distinct CVEs have been identified affecting the platform, with CVSS scores of 9.8 and 9.4, indicating critical severity.
These flaws require no user interaction and can be exploited over the network by unauthenticated attackers.
The first vulnerability, CVE-2025-20354, allows remote attackers to upload arbitrary files and execute commands with root privileges because of improper authentication in the Java RMI process.
The second flaw, CVE-2025-20358, is an authentication bypass in the CCX Editor application that grants attackers administrative permissions, allowing them to create and execute malicious scripts.
Both vulnerabilities stem from weak authentication controls and can be exploited independently. Cisco has confirmed there are no available workarounds, making immediate patching the only mitigation strategy.
Cisco Unified CCX versions 12.5 SU3 and earlier, as well as version 15.0, are vulnerable. Fixed versions are now available: 12.5 SU3 ES07 for legacy deployments and 15.0 ES01 for newer installations. Organizations should prioritize upgrading to these patched releases immediately.
Other Cisco contact center products, including Unified Contact Center Enterprise and Packaged Contact Center Enterprise, are not affected by these vulnerabilities.
| CVE ID | Bug ID | CVSS Score | Attack Vector | Severity | Description |
|---|---|---|---|---|---|
| CVE-2025-20354 | CSCwq36528 | 9.8 | Network/Unauthenticated | Critical | Arbitrary file upload and root-level command execution via Java RMI process |
| CVE-2025-20358 | CSCwq36573 | 9.4 | Network/Unauthenticated | Critical | Authentication bypass in CCX Editor allowing malicious script creation and execution |
Organizations using Cisco Unified CCX should apply the security updates without delay. The vulnerabilities affect all platform configurations, making comprehensive patching essential. Administrators should verify their current software versions and plan upgrade schedules accordingly.
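An added example to support the version check recommended above (not code from the original post or from Cisco): it parses a simplified "<major>.<minor> [SUn] [ESnn]" version label, which is an assumed input shape constructed for this example rather than the exact build string the UCCX interface reports, and decides whether a node is below the fixed releases named in the advisory.

```python
import re
from typing import NamedTuple, Optional

# First fixed build per release train, as named in the advisory summary:
# 12.5 SU3 ES07 and 15.0 ES01.  Keyed as (major, minor) -> (SU, ES).
FIXED_BUILDS = {(12, 5): (3, 7), (15, 0): (0, 1)}

# Assumed input shape (constructed for this example): "12.5 SU3 ES07", "15.0 ES01", "12.0 SU1".
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\s*SU(\d+))?(?:\s*ES(\d+))?$", re.IGNORECASE)


class UccxVersion(NamedTuple):
    major: int
    minor: int
    su: int  # 0 when the label carries no service update
    es: int  # 0 when the label carries no engineering special

    @property
    def train(self) -> tuple:
        return (self.major, self.minor)


def parse_version(text: str) -> UccxVersion:
    """Parse a version label into comparable integer fields."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised UCCX version label: {text!r}")
    major, minor, su, es = m.groups()
    return UccxVersion(int(major), int(minor), int(su or 0), int(es or 0))


def assess(text: str) -> Optional[str]:
    """Return 'vulnerable', 'fixed', or None when the train is not covered by the advisory."""
    v = parse_version(text)
    if v.train < (12, 5):
        return "vulnerable"  # "12.5 SU3 and earlier" includes older trains
    fixed = FIXED_BUILDS.get(v.train)
    if fixed is None:
        return None  # a train the advisory does not mention: verify manually
    return "fixed" if (v.su, v.es) >= fixed else "vulnerable"


def triage(inventory: dict) -> dict:
    """Map each host in a {host: version_label} inventory to its assessment."""
    return {host: assess(label) for host, label in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {"uccx-pub": "12.5 SU3", "uccx-sub": "12.5 SU3 ES07", "uccx-lab": "15.0"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```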
The post Cisco Unified Contact Center Express Vulnerability Enables Remote Code Execution appeared first on Cyber Security News.