CVE-2025-20276

LOW

Cisco Unified Contact Center Express - Authenticated Remote Code Execution via Insecure Java Deserialization

Title source: llm

Description

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.  This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by sending a crafted Java object to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.

References (1)

Core 1

Core References

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL

Scores

CVSS v3 3.8

EPSS 0.0151

EPSS Percentile 81.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-502

Status published

Products (50)

cisco/unified_contact_center_express 8.5\(1\)

cisco/unified_contact_center_express 9.0\(2\)su3es04

cisco/unified_contact_center_express 10.0\(1\)su1

cisco/unified_contact_center_express 10.0\(1\)su1es04

cisco/unified_contact_center_express 10.5\(1\)

cisco/unified_contact_center_express 10.5\(1\)su1

cisco/unified_contact_center_express 10.5\(1\)su1es10

cisco/unified_contact_center_express 10.6\(1\)

cisco/unified_contact_center_express 10.6\(1\)su1

cisco/unified_contact_center_express 10.6\(1\)su2

... and 40 more

Published Jun 04, 2025

Tracked Since Feb 18, 2026