Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

The Hacker News by The Hacker News
July 3, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Jul 03, 2025Ravie LakshmananVulnerability / Network Security

Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to login to a susceptible device as the root user, allowing them to gain elevated privileges.

The vulnerability, tracked as CVE-2025-20309, carries a CVSS score of 10.0.

“This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development,” Cisco said in an advisory released Wednesday.

“An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.”

Hardcoded credentials like this usually come from testing or quick fixes during development, but they should never make it into live systems. In tools like Unified CM that handle voice calls and communication across a company, root access can let attackers move deeper into the network, listen in on calls, or change how users log in.

Cybersecurity

The networking equipment major said it found no evidence of the flaw being exploited in the wild, and that it was discovered during internal security testing.

CVE-2025-20309 affects Unified CM and Unified CM SME versions 15.0.1.13010-1 through 15.0.1.13017-1, irrespective of device configuration.

Cisco has also released indicators of compromise (IoCs) associated with the flaw, stating successful exploitation would result in a log entry to “/var/log/active/syslog/secure” for the root user with root permissions. The log can retrieved by running the below command from the command-line interface –

cucm1# file get activelog syslog/secure

The development comes merely days after the company fixed two security flaws in Identity Services Engine and ISE Passive Identity Connector (CVE-2025-20281 and CVE-2025-20282) that could permit an unauthenticated attacker to execute arbitrary commands as the root user.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
Fine-tuning to deliver business AI value | Computer Weekly

Fine-tuning to deliver business AI value | Computer Weekly

Recommended.

⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

August 25, 2025
Microsoft’s Massive Patch Tuesday Release Is ‘Ominous’ Sign For 2025: Researcher

Microsoft’s Massive Patch Tuesday Release Is ‘Ominous’ Sign For 2025: Researcher

January 16, 2025

Trending.

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

May 21, 2025
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025
MocPOGO Easter Special Deals: The Pokémon GO Spoofer You Need for Might and Mastery 2025!

MocPOGO Easter Special Deals: The Pokémon GO Spoofer You Need for Might and Mastery 2025!

April 7, 2025
VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

September 11, 2025
Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

May 8, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio