CVE-2025-20376

Name of the Vulnerable Software and Affected Versions Cisco Unified Contact Center Express (Unified CCX) (affected versions not specified)

Description A flaw exists in the web interface of Cisco Unified CCX that may allow a remote attacker with valid administrative credentials to upload and execute arbitrary files. This is due to inadequate input validation related to file upload mechanisms. Successful exploitation could enable the attacker to execute commands on the system and gain root-level privileges. The vulnerability involves unrestricted file uploads of malicious types.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.