CVE-2025-20354

CWE-434Unrestricted File UploadCWE-306Missing Authentication5 documents5 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 59.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Unified Contact Center ExpressCisco Cisco Unified Contact Center Express
Timeline
PublishedNov 5
Latest updateNov 6

Description

A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanisms that are associated to specific Cisco Unified CCX features. An attacker could exploit this vulnerability by uploading a crafted file to an affected system through the Java RMI process. A successful

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDcisco/unified_contact_center_express< 12.5\(1\)_su03_es07+1

🔴Vulnerability Details

2
GHSA
GHSA-px5r-4v6x-q5mv: A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbi2025-11-05
CVEList
Cisco Unified Contact Center Express Remote Code Execution Vulnerability2025-11-05

📋Vendor Advisories

1
Cisco
Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities2025-11-05

🕵️Threat Intelligence

1
Bleepingcomputer
Critical Cisco UCCX flaw lets attackers run commands as root2025-11-06
CVE-2025-20354 (CRITICAL CVSS 9.8) | A vulnerability in the Java Remote | cvebase.io