AI description
CVE-2025-20309 is a vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). It could allow an unauthenticated, remote attacker to log in to an affected device using the root account. The root account has default, static credentials that cannot be changed or deleted. The vulnerability exists because of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the root account to log in to an affected system. Successful exploitation could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. This vulnerability affects Cisco Unified CM and Unified CM SME Engineering Special (ES) releases 15.0.1.13010-1 through 15.0.1.13017-1, regardless of device configuration.
- Description: A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.
- Source: psirt@cisco.com
- NVD status: Analyzed
CVSS 3.1
- Type: Secondary
- Base score: 10
- Impact score: 6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- psirt@cisco.com: CWE-798
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
11
A critical vulnerability (CVE-2025-20309) in Cisco's Unified Communications Manager has surfaced, rated CVSS 10 out of 10. This flaw allows root-level remote access due to hard-coded credentials, posing a massive risk for organizations relying on these systems, despite it bein...
@CybrPulse
4 Jul 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨We are warning of a critical vulnerability in the Cisco Unified Communications Manager (Unified CM) and Session Management Edition (SME) communication platform, CVE-2025-20309. The vulnerability can allow a remote unauthenticated attacker SSH access to the affected
@GOVCERT_CZ
4 Jul 2025
335 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 "CVE-2025-20309" (CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability !!! #Cisco #hunterhow #infosec #infosecurity #OSINT #Vulnerability https://t.co/LMWgTiUOVK
@B1ackash
4 Jul 2025
55 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
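This is a zero-click remote code execution for which immediate action is recommended, because there is no workaround and it requires no authentication and allows root privileges to be obtained. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS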
@t_nihonmatsu
4 Jul 2025
435 Impressions
3 Retweets
11 Likes
3 Bookmarks
0 Replies
0 Quotes
Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS score 10.0 https://t.co/80q2C9P4mn
@t_nihonmatsu
4 Jul 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
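Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS score 10.0 Because there is no workaround and it requires no authentication and allows root privileges to be obtained, immediate action is strongly recommended for this zero-click remote code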
@t_nihonmatsu
4 Jul 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-20309(CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability 📊1.6k Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/R8bGNV7IoK 👇Query HUNTER : https://t.co/q9rtuGgxk7="Cisco Unified h
@HunterMapping
4 Jul 2025
2132 Impressions
12 Retweets
31 Likes
10 Bookmarks
2 Replies
0 Quotes
Cisco has issued an urgent security warning about a very critical vulnerability in its Unified Communications Manager (Unified CM) systems and the Session Management Edition (Unified CM SME)… and this vulnerability has received the highest possible severity rating: CV
@M_Alhamadee
3 Jul 2025
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
⚠️Vulnerability in Cisco Unified CM ❗CVE-2025-20309 ➡️More info: https://t.co/6xpTSzzi6h https://t.co/76zwRZ6V4T
@CERTpy
3 Jul 2025
148 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: Cisco patches CVE-2025-20309 (CVSS 10/10) Hardcoded root creds in Unified CM that CAN'T be removed! Dev credentials left in production = full system compromise risk. Patch NOW if running affected versions! 🛡️ #CyberSecurity #Cisco https://t.co/JDVPCqBFWI
@BiztechNarrator
3 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical #Cisco vulnerability for the Unified Communications Manager software. Hardcoded root credentials. No workarounds, only software updates will fix it. CVE-2025-20309 https://t.co/xfbPg3p7PJ
@ct_is
3 Jul 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco CVE-2025-20309: “allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.” @vxunderground Is the password infected? https://t.co/ZLWXH1Yls0
@sekurlsa_pw
3 Jul 2025
214 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
#Cisco fixes maximum-severity flaw in enterprise #unified comms platform (#CVE-2025-20309) https://t.co/ywCn53AxMB
@ScyScan
3 Jul 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-20309) in Cisco Unified CM systems allows remote attackers to gain root access without authentication, posing serious risks to organizations. With a maximum CVSS score of 10.0, the urgency for immediate patching is undeniable, especially sinc...
@CybrPulse
3 Jul 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Cisco fixes maximum-severity flaw in #enterprise unified comms platform (CVE-2025-20309) https://t.co/MsQZgYOhLP https://t.co/dZsGbfRSm5
@evanderburg
3 Jul 2025
21 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
🗞️ A critical vulnerability (CVE-2025-20309) with a perfect 10.0 CVSS score has been found in Cisco's Unified Communications Manager. This flaw could allow attackers to gain complete control of affected systems. Key takeaways: 🧵 https://t.co/Q9Nc7lkHZd
@gossy_84
3 Jul 2025
139 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Cisco removed a backdoor account from Unified CM, allowing remote attackers root access via static credentials. The critical vulnerability (CVE-2025-20309) affects specific releases, with no workarounds available; updates are required to fix it. #Security https://t.co/ic7YCgo2ia
@Strivehawk
3 Jul 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical Cisco flaw in Unified CM (CVE-2025-20309) allows attackers to gain root access via hardcoded credentials, risking system control. Affected versions: 15.0.1.13010-1 to 15.0.1.13017-1. 🛡️ #CiscoVuln #UnifiedCommunication #Japan https://t.co/y1sO0c306i
@TweetThreatNews
3 Jul 2025
59 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Cisco has addressed a critical vulnerability (CVE-2025-20309) in its Unified Communications Manager (Unified CM) that involved hardcoded root SSH credentials, allowing remote attackers to log in with root privileges. https://t.co/9FZgXBpeUI
@securityRSS
3 Jul 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 Cisco has released security updates to address a serious vulnerability in Unified Communications Manager that allows an attacker to log in as root using static credentials. The vulnerability, known by the identifier CVE-202
@Cybercachear
3 Jul 2025
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Cisco warns of hard-coded root-privilege SSH credentials in Cisco Unified CM (CVE-2025-20309) 🇺🇸Iran-linked hacker group threatens to release more emails from Trump aides ~Cyber Alert, July 3~ https:
@MachinaRecord
3 Jul 2025
124 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
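A CVSS score 10 vulnerability in Cisco Unified Communications Manager (CM). Affects Engineering-Special (ES) builds, including Session Management Edition. CVE-2025-20309 is hard-coded backdoor credentials. If there is an SSH connection as root in the authentication log, red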
@__kokumoto
2 Jul 2025
1365 Impressions
8 Retweets
13 Likes
1 Bookmark
0 Replies
0 Quotes
leftover root credential 🫨 🟥 CVE-2025-20309, CVSS: 10.0 (#Critical, #Highest) #Cisco Unified Communications Manager and Session Management Edition #Vulnerability allows unauthenticated remote access via static root credentials. #CyberSecurity #CVE https://t.co/1DzpwhK
@UjlakiMarci
2 Jul 2025
12283 Impressions
21 Retweets
47 Likes
15 Bookmarks
2 Replies
2 Quotes
🚨CVE-2025-20309: A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account,
@DarkWebInformer
2 Jul 2025
9757 Impressions
13 Retweets
39 Likes
7 Bookmarks
3 Replies
2 Quotes
CVE-2025-20309 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow … https://t.co/7q8hPiVGxE
@CVEnew
2 Jul 2025
474 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13010-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8985BC01-2355-447B-9454-EDCF26817605"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13010-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2704C9FA-BF67-4776-A1C5-C2FE2D6B79E1"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13011-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71821C29-B31C-4B7B-8C69-2CE1F9C9EE3A"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13011-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0C338F5-3710-42B0-8959-73A916638EC5"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13012-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E128057-726A-4715-B9EF-2C2AC30EDD17"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13012-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A05CB62-B48C-4205-8349-8C4F3AFCB9D2"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13013-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6012779F-6406-4882-B520-3CB71734AAC8"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13013-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3ED47A6A-D9E9-4FC1-846D-E8481194B003"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13014-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2BD7E64-746B-46F8-A676-A26B773159CB"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13014-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EA03C5C-40DF-4AE6-B6B9-7A6D38918B97"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13015-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2A4642A-D12B-40A9-B835-3F7303020209"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13015-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "429174E3-5F75-43E7-95FF-C2FDE91E7BB7"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13016-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17D01F03-DA41-4F79-BC20-3F8D2B1BA7F3"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13016-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F645ECD4-D63F-4405-80CD-DF9F0C14DEDF"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13017-1:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5ACF28F0-7049-4AB8-8DBF-50FDC65194A5"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13017-1:*:*:*:session_management:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C88F71F-229C-40BE-82EC-F76347AC5FDA"
}
],
"operator": "OR"
}
]
}
]