Published 1 year ago • loading... • Updated 1 year ago

Cisco Scores a Perfect 10 for a Critical Comms Flaw

On July 3, 2025, Cisco issued a security advisory highlighting a severe vulnerability impacting specific Engineering Special versions of its Unified Communications Manager and the related Session Management Edition.
The vulnerability arises from hardcoded root credentials meant for development that remain unchangeable and allow unauthenticated remote attackers root access.
Cisco confirmed no exploitation in the wild but warned that a successful attack enables arbitrary root commands and encouraged admins to check logs for suspicious SSH root logins.
Administrators must either update their systems to the latest Unified CM and Unified CM SME 15SU3 release scheduled for July 2025 or obtain the CSCwp27755 patch through Cisco's Technical Assistance Center, as no alternative fixes are available; according to Cisco, upgrading to the most recent software version is the only effective remedy.
This flaw, CVE-2025-20309, rated a maximum CVSS score of 10.0, joins recent critical fixes in Cisco products, highlighting persistent risks from leftover development credentials in live systems.

Insights by Ground AI

Podcasts & Opinions

Podcast Mention

CyberWire Daily

Daily Cybersecurity and Tech News podcast featuring Dave Bittner, Rick Howard and David Moulton

The bug that let anyone in.

CyberWire Daily discusses Cisco's removal of a critical backdoor account alongside Linux vulnerability alerts.

1 year ago

Listen to Full Episode Full Episode Unlock Timestamp

Get Vantage — Podcasts, Ratings, Timestamps

Podcasts & Opinions

15 Articles

Tech Radar

Reposted by

World NEWS Live

Center

Cisco warns of a serious security flaw in comms platform - and that it needs patching immediately

Researchers found hardcoded credentials in Cisco Unified Communications Manager

1 year ago·United Kingdom

Read Full Article

The Register

Center

Cisco scores a perfect 10 for a critical comms flaw

: The second max score this week for Netzilla - not a good look

1 year ago

Read Full Article

BleepingComputer

Reposted by

cybernoz.com

Center

Cisco warns that Unified CM has hardcoded root SSH credentials

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges.

1 year ago·New York, United States

Read Full Article

Malware Analysis, News and Indicators

CVE-2025-20309: Cisco Unified CM Flaw Enables Remote Root Access

CVE-2025-20309: Cisco Unified CM Flaw Enables Remote Root Access Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now a…

1 year ago

Read Full Article

Global Security Mag Online

Reposted by

Global Security Mag Online

Vulnerability in Cisco Products (03 July 2025) – Global Security Mag Online

A vulnerability has been discovered in Cisco products. It allows an attacker to cause a circumvention of security policy. See online: https://www.cert.ssi.gouv.fr/avis/C...

1 year ago

Read Full Article

Help Net Security

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309) - Help Net Security

Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log into a vulnerable Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) platforms and use the acquired access to execute arbitrary commands with the highest privileges…

1 year ago

Read Full Article

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/year