AI description
CVE-2025-20309 is a vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). It could allow an unauthenticated, remote attacker to log in to an affected device using the root account. The root account has default, static credentials that cannot be changed or deleted. The vulnerability exists because of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the root account to log in to an affected system. Successful exploitation could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. This vulnerability affects Cisco Unified CM and Unified CM SME Engineering Special (ES) releases 15.0.1.13010-1 through 15.0.1.13017-1, regardless of device configuration.
- Description
- A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@cisco.com
- CWE-798
- Hype score
- Not currently trending
Critical Cisco vuln (CVE-2025-20309) Affects ES builds of Unified CM & Unified CM SME. 🔐 Hardcoded root creds that can’t be changed or deleted 🔥 CVSS: 10.0 💥 Exploitable for root access on vulnerable systems Patch ASAP.
@cyber_sec_raj
13 Jul 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#CybersecurityNEWS🔴👨💻👾 Cisco ha corregido una vulnerabilidad clasificada con severidad máxima (CVE-2025-20309) en sus plataformas Unified CM y SME. Ver más: https://t.co/IS0oGvF0bH #ciberseguridad #DevelNews https://t.co/DV8IQwo15x
@develsecurity
11 Jul 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20309 no Cisco Unified CM expunha credenciais root via credenciais estáticas usadas em dev; explorar consistia em login SSH com usuário root e senha hardcoded, dando controle total ao sistema de gerenciamento de chamadas.
@hashtagsec
11 Jul 2025
31 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Oh. Ja, wir schreiben das Jahr 2025, und Cisco kämpft bei seinen neuen Produkten immer noch mit Problemen aus dem letzten Jahrtausend: CVE-2025-20309, Cisco Unified Communications Manager:
@ClemensZauner
7 Jul 2025
47 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 🔐 Cisco Unified CM (CVE-2025-20309, CVSS 10.0): Root backdoor grants full access. Patch IMMEDIATELY! #CiscoSecurity https://t.co/nNSjvYXDQo
@CyberWolfGuard
7 Jul 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
This week’s threat update highlights CVE-2025-5777 (Citrix Netscaler) & CVE-2025-20309 (Cisco), actively exploited by APT28 & MuddyWater. Emerging malware includes Flodrix botnets & steganography-based evasion. #CitrixBleed #Iran #Malware https://t.co/COO7mWyL0P
@TweetThreatNews
7 Jul 2025
157 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-20309
@transilienceai
6 Jul 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials. The vulnerability, tracked as CVE-2025-20309, carries a CVSS score of 10.0 could permit an attacker to login to a susceptible device as the root user. https://t.co/VifbwpPO0T https://t.co/UmVBja
@riskigy
5 Jul 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-20309
@transilienceai
5 Jul 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
I wonder if that Cisco root password (CVE-2025-20309) was something really simple like root, toor, devroot or if they used something more complex. You are welcome to post some funny wrong passwords 😺
@sekurlsa_pw
4 Jul 2025
1714 Impressions
1 Retweet
7 Likes
1 Bookmark
6 Replies
0 Quotes
Urgent: Over 1,000 Cisco Unified Communications Manager devices exposed to a critical CVSS 10.0 flaw (CVE-2025-20309). Hard-coded credentials enable root access, risking widespread compromise. 🌐🔓 #Cisco #Security #USA https://t.co/aWtHerOZaP
@TweetThreatNews
4 Jul 2025
103 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad 10/10 en CISCO UCM permite acceso "root" sin autenticación. La vulnerabilidad, identificada como CVE-2025-20309, tiene una puntuación CVSS de 10.0. #ciberseguridad #cybersecurity https://t.co/cwEcRILmP2
@EHCGroup
4 Jul 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Why is Cisco's security flaw a ticking time bomb? Cisco's Unified CM has a critical flaw that could let hackers take over systems. This bug, CVE-2025-20309, allows root access using static credentials. It's a big deal because it can let anyone run any command they want.
@358technews
4 Jul 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) #Cisco #CiscoUnifiedCommunications #CVE202520309 #CyberSecurity #SSH https://t.co/R7XCOM4Nej https://t.co/fmAfP5SI2R
@SystemTek_UK
4 Jul 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-20309) in Cisco's Unified Communications Manager has surfaced, rated CVSS 10 out of 10. This flaw allows root-level remote access due to hard-coded credentials, posing a massive risk for organizations relying on these systems, despite it bein...
@CybrPulse
4 Jul 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Upozorňujeme na kritickou zranitelnost v komunikační platformě Cisco Unified Communications Manager (Unified CM) a Session Management Edition (SME), CVE-2025-20309. Zranitelnost může vzdálenému neautentizovanému útočníkovi umožnit SSH přístup k postiženému za
@GOVCERT_CZ
4 Jul 2025
339 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 "CVE-2025-20309" (CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability !!! #Cisco #hunterhow #infosec #infosecurity #OSINT #Vulnerability https://t.co/LMWgTiUOVK
@B1ackash
4 Jul 2025
55 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
これは、回避策がなく、認証不要+root権限取得可能であるため、即時対応が推奨されるゼロクリック型のリモートコード実行です。Cisco Unified Communications Manager Static SSH Credentials Vulnerability(CVE-2025-20309)CVSSス
@t_nihonmatsu
4 Jul 2025
435 Impressions
3 Retweets
11 Likes
3 Bookmarks
0 Replies
0 Quotes
Cisco Unified Communications Manager Static SSH Credentials Vulnerability(CVE-2025-20309)CVSSスコア10.0 https://t.co/80q2C9P4mn
@t_nihonmatsu
4 Jul 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Unified Communications Manager Static SSH Credentials Vulnerability(CVE-2025-20309)CVSSスコア10.0 これは、回避策がなく、認証不要+root権限取得可能であるため、即時対応が強く推奨されるゼロクリック型のリモートコード
@t_nihonmatsu
4 Jul 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-20309(CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability 📊1.6k Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/R8bGNV7IoK 👇Query HUNTER : https://t.co/q9rtuGgxk7="Cisco Unified h
@HunterMapping
4 Jul 2025
2132 Impressions
12 Retweets
31 Likes
10 Bookmarks
2 Replies
0 Quotes
Cisco أطلقت تحذير أمني عاجل بخصوص ثغرة حرجة جدًا في أنظمتها Unified Communications Manager (Unified CM) ونسخة Session Management Edition (Unified CM SME)… والثغرة دي واخذة أعلى تقييم خطورة ممكن: CV
@M_Alhamadee
3 Jul 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
⚠️Vulnerabilidad en Cisco Unified CM ❗CVE-2025-20309 ➡️Más info: https://t.co/6xpTSzzi6h https://t.co/76zwRZ6V4T
@CERTpy
3 Jul 2025
148 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: Cisco patches CVE-2025-20309 (CVSS 10/10) Hardcoded root creds in Unified CM that CAN'T be removed! Dev credentials left in production = full system compromise risk. Patch NOW if running affected versions! 🛡️ #CyberSecurity #Cisco https://t.co/JDVPCqBFWI
@BiztechNarrator
3 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical #Cisco vulnerability for the Unified Communications Manager software. Hardcoded root credentials. No workarounds, only software updates will fix it. CVE-2025-20309 https://t.co/xfbPg3p7PJ
@ct_is
3 Jul 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco CVE-2025-20309: “allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.” @vxunderground Is the password infected? https://t.co/ZLWXH1Yls0
@sekurlsa_pw
3 Jul 2025
214 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
#Cisco fixes maximum-severity flaw in enterprise #unified comms platform (#CVE-2025-20309) https://t.co/ywCn53AxMB
@ScyScan
3 Jul 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-20309) in Cisco Unified CM systems allows remote attackers to gain root access without authentication, posing serious risks to organizations. With a maximum CVSS score of 10.0, the urgency for immediate patching is undeniable, especially sinc...
@CybrPulse
3 Jul 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Cisco fixes maximum-severity flaw in #enterprise unified comms platform (CVE-2025-20309) https://t.co/MsQZgYOhLP https://t.co/dZsGbfRSm5
@evanderburg
3 Jul 2025
21 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
🗞️ A critical vulnerability (CVE-2025-20309) with a perfect 10.0 CVSS score has been found in Cisco's Unified Communications Manager. This flaw could allow attackers to gain complete control of affected systems. Key takeaways: 🧵 https://t.co/Q9Nc7lkHZd
@gossy_84
3 Jul 2025
139 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Cisco removed a backdoor account from Unified CM, allowing remote attackers root access via static credentials. The critical vulnerability (CVE-2025-20309) affects specific releases, with no workarounds available; updates are required to fix it. #Security https://t.co/ic7YCgo2ia
@Strivehawk
3 Jul 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical Cisco flaw in Unified CM (CVE-2025-20309) allows attackers to gain root access via hardcoded credentials, risking system control. Affected versions: 15.0.1.13010-1 to 15.0.1.13017-1. 🛡️ #CiscoVuln #UnifiedCommunication #Japan https://t.co/y1sO0c306i
@TweetThreatNews
3 Jul 2025
59 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Cisco has addressed a critical vulnerability (CVE-2025-20309) in its Unified Communications Manager (Unified CM) that involved hardcoded root SSH credentials, allowing remote attackers to log in with root privileges. https://t.co/9FZgXBpeUI
@securityRSS
3 Jul 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أصدرت شركة سيسكو تحديثات أمان لمعالجة ثغرة خطيرة في Unified Communications Manager، تسمح للمهاجم بالدخول كجذر بواسطة بيانات اعتماد ثابتة. الثغرة، المعروفة برمز CVE-202
@Cybercachear
3 Jul 2025
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Cisco Unified CMにハードコードされたroot権限のSSH認証情報、シスコが警告(CVE-2025-20309) 🇺🇸イラン系ハッカーグループ、トランプ側近のEメールをさらに公開すると脅迫 〜サイバーアラート 7月3日〜 https:
@MachinaRecord
3 Jul 2025
124 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Unified Communications Manager (CM)にCVSSスコア10の脆弱性。Session Management Editionを含むEngineering-Special (ES)ビルドに影響。CVE-2025-20309はハードコードされたバックドア認証情報。認証ログにrootでのSSH接続があったら赤
@__kokumoto
2 Jul 2025
1365 Impressions
8 Retweets
13 Likes
1 Bookmark
0 Replies
0 Quotes
lefover root credential 🫨 🟥 CVE-2025-20309, CVSS: 10.0 (#Critical, #Highest) #Cisco Unified Communications Manager and Session Management Edition #Vulnerability allows unauthenticated remote access via static root credentials. #CyberSecurity #CVE https://t.co/1DzpwhK
@UjlakiMarci
2 Jul 2025
12283 Impressions
21 Retweets
47 Likes
15 Bookmarks
2 Replies
2 Quotes
🚨CVE-2025-20309: A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account,
@DarkWebInformer
2 Jul 2025
9757 Impressions
13 Retweets
39 Likes
7 Bookmarks
3 Replies
2 Quotes
CVE-2025-20309 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow … https://t.co/7q8hPiVGxE
@CVEnew
2 Jul 2025
474 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13010-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8985BC01-2355-447B-9454-EDCF26817605"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13010-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2704C9FA-BF67-4776-A1C5-C2FE2D6B79E1"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13011-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71821C29-B31C-4B7B-8C69-2CE1F9C9EE3A"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13011-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0C338F5-3710-42B0-8959-73A916638EC5"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13012-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E128057-726A-4715-B9EF-2C2AC30EDD17"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13012-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A05CB62-B48C-4205-8349-8C4F3AFCB9D2"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13013-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6012779F-6406-4882-B520-3CB71734AAC8"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13013-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3ED47A6A-D9E9-4FC1-846D-E8481194B003"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13014-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2BD7E64-746B-46F8-A676-A26B773159CB"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13014-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EA03C5C-40DF-4AE6-B6B9-7A6D38918B97"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13015-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2A4642A-D12B-40A9-B835-3F7303020209"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13015-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "429174E3-5F75-43E7-95FF-C2FDE91E7BB7"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13016-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17D01F03-DA41-4F79-BC20-3F8D2B1BA7F3"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13016-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F645ECD4-D63F-4405-80CD-DF9F0C14DEDF"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13017-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5ACF28F0-7049-4AB8-8DBF-50FDC65194A5"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13017-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C88F71F-229C-40BE-82EC-F76347AC5FDA"
}
],
"operator": "OR"
}
]
}
]