Code Defence Cyber security

Critical RCE Flaws in Cisco Contact Center (CVSS 9.8) Allow Root Access

Cisco has released patches for two critical vulnerabilities in its Unified Contact Center Express (UCCX) appliance. The more severe of the two, CVE-2025-20354 (CVSS 9.8), is an unauthenticated RCE flaw in the Java RMI process that allows an attacker to upload files and execute commands with root privileges.

Business Impact

This is a perimeter-down threat. A successful exploit gives an attacker full administrative (root) control of the contact center appliance, allowing them to intercept sensitive customer communications, steal data, disrupt call center operations, and pivot into the internal corporate network.

Why It Happened

The vulnerability stems from improper authentication mechanisms in the Java RMI process, which an unauthenticated, remote attacker can abuse to gain unauthorized access and execute commands on the underlying operating system.

Recommended Executive Action

Direct your network and voice operations teams to treat this as an emergency. These critical vulnerabilities must be patched immediately, starting with any internet-facing UCCX appliances. No workarounds exist for these flaws.

Hashtags: #Cisco #Vulnerability #RCE #CVE #PatchNow #CyberSecurity #InfoSec #ContactCenter
