
[CIVN-2025-0294] Remote Code Execution Vulnerability in CISCO
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Systems Affected
Cisco Unified CCX
Overview
Multiple vulnerabilities have been reported in the Java Remote Method Invocation (RMI) process of Cisco Unified Contact Center Express (Unified CCX) that could allow an unauthenticated, remote attacker to upload arbitrary files, bypass authentication, execute arbitrary commands, and elevate privileges to root.
Target Audience:
All IT administrators and individuals responsible for maintaining and updating Cisco Unified CCX.
Risk Assessment:
High risk of data manipulation and service disruption.
Impact Assessment:
Potential impact on confidentiality, integrity, and availability of the system.
Description
1. Remote Code Execution Vulnerability (CVE-2025-20354)
This vulnerability exists due to improper authentication mechanisms that are associated with specific Cisco Unified CCX features. An attacker could exploit this vulnerability by uploading a crafted file to an affected system through the Java RMI process.
Successful exploitation of this vulnerability could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.
2. Authentication Bypass Vulnerability (CVE-2025-20358)
This vulnerability exists due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful.
Successful exploitation of this vulnerability could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account.
Solution
Apply the appropriate updates as mentioned in the Cisco advisory:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ
Vendor Information
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ
References
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ
CVE Name
CVE-2025-20354
CVE-2025-20358
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


