CVE-2025-20354

Name of the Vulnerable Software and Affected Versions Cisco Unified Contact Center Enterprise (Cisco Unified CCX) (affected versions not specified)

Description A flaw exists in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX. This issue could allow a remote attacker to upload arbitrary files. Successful exploitation may enable the attacker to execute arbitrary commands with root privileges on the system. The root cause is improper authentication mechanisms associated with specific Cisco Unified CCX features. An attacker could exploit this by uploading a crafted file through the Java RMI process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.