CVE-2025-20375

Name of the Vulnerable Software and Affected Versions Cisco Unified Contact Center Express (Unified CCX) (affected versions not specified)

Description A flaw exists in the web interface of Cisco Unified CCX that may allow a remote attacker with valid administrative credentials to upload and execute arbitrary files. This is due to inadequate input validation within specific user interface features. Successful exploitation could enable an attacker to upload files to the system and execute them, potentially gaining access to the underlying operating system. The vulnerability involves unrestricted file upload of malicious file types.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.