CVE-2025-20309

Published Jul 2, 2025

Last updated 2 days ago

CVSS critical 10.0
Cisco
Unified CM

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-20309 is a vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). It could allow an unauthenticated, remote attacker to log in to an affected device using the root account. The root account has default, static credentials that cannot be changed or deleted. The vulnerability exists because of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the root account to log in to an affected system. Successful exploitation could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. This vulnerability affects Cisco Unified CM and Unified CM SME Engineering Special (ES) releases 15.0.1.13010-1 through 15.0.1.13017-1, regardless of device configuration.

Description
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.
Source
psirt@cisco.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Secondary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

psirt@cisco.com
CWE-798

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

11

  1. A critical vulnerability (CVE-2025-20309) in Cisco's Unified Communications Manager has surfaced, rated CVSS 10 out of 10. This flaw allows root-level remote access due to hard-coded credentials, posing a massive risk for organizations relying on these systems, despite it bein...

    @CybrPulse

    4 Jul 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. 🚨We are alerting you to a critical vulnerability in the Cisco Unified Communications Manager (Unified CM) and Session Management Edition (SME) communications platform, CVE-2025-20309. The vulnerability could allow a remote, unauthenticated attacker SSH access to the affected

    @GOVCERT_CZ

    4 Jul 2025

    335 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨Alert🚨 "CVE-2025-20309" (CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability !!! #Cisco #hunterhow #infosec #infosecurity #OSINT #Vulnerability https://t.co/LMWgTiUOVK

    @B1ackash

    4 Jul 2025

    55 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. This is a zero-click remote code execution for which immediate action is recommended, since there is no workaround, no authentication is required, and root privileges can be obtained. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS

    @t_nihonmatsu

    4 Jul 2025

    435 Impressions

    3 Retweets

    11 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  5. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS score 10.0 https://t.co/80q2C9P4mn

    @t_nihonmatsu

    4 Jul 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS score 10.0. This is a zero-click remote code execution for which immediate action is strongly recommended, since there is no workaround, no authentication is required, and root privileges can be obtained

    @t_nihonmatsu

    4 Jul 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨Alert🚨 CVE-2025-20309(CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability 📊1.6k Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/R8bGNV7IoK 👇Query HUNTER : https://t.co/q9rtuGgxk7="Cisco Unified h

    @HunterMapping

    4 Jul 2025

    2132 Impressions

    12 Retweets

    31 Likes

    10 Bookmarks

    2 Replies

    0 Quotes

  8. Cisco has issued an urgent security warning about a highly critical vulnerability in its Unified Communications Manager (Unified CM) systems and the Session Management Edition (Unified CM SME) version… and this vulnerability has received the highest possible severity rating: CV

    @M_Alhamadee

    3 Jul 2025

    66 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    2 Replies

    0 Quotes

  9. ⚠️Vulnerability in Cisco Unified CM ❗CVE-2025-20309 ➡️More info: https://t.co/6xpTSzzi6h https://t.co/76zwRZ6V4T

    @CERTpy

    3 Jul 2025

    148 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 CRITICAL: Cisco patches CVE-2025-20309 (CVSS 10/10) Hardcoded root creds in Unified CM that CAN'T be removed! Dev credentials left in production = full system compromise risk. Patch NOW if running affected versions! 🛡️ #CyberSecurity #Cisco https://t.co/JDVPCqBFWI

    @BiztechNarrator

    3 Jul 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Critical #Cisco vulnerability for the Unified Communications Manager software. Hardcoded root credentials. No workarounds, only software updates will fix it. CVE-2025-20309 https://t.co/xfbPg3p7PJ

    @ct_is

    3 Jul 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Cisco CVE-2025-20309: “allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.” @vxunderground Is the password infected? https://t.co/ZLWXH1Yls0

    @sekurlsa_pw

    3 Jul 2025

    214 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. #Cisco fixes maximum-severity flaw in enterprise #unified comms platform (#CVE-2025-20309) https://t.co/ywCn53AxMB

    @ScyScan

    3 Jul 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. A critical vulnerability (CVE-2025-20309) in Cisco Unified CM systems allows remote attackers to gain root access without authentication, posing serious risks to organizations. With a maximum CVSS score of 10.0, the urgency for immediate patching is undeniable, especially sinc...

    @CybrPulse

    3 Jul 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. #Cisco fixes maximum-severity flaw in #enterprise unified comms platform (CVE-2025-20309) https://t.co/MsQZgYOhLP https://t.co/dZsGbfRSm5

    @evanderburg

    3 Jul 2025

    21 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  16. 🗞️ A critical vulnerability (CVE-2025-20309) with a perfect 10.0 CVSS score has been found in Cisco's Unified Communications Manager. This flaw could allow attackers to gain complete control of affected systems. Key takeaways: 🧵 https://t.co/Q9Nc7lkHZd

    @gossy_84

    3 Jul 2025

    139 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  17. Cisco removed a backdoor account from Unified CM, allowing remote attackers root access via static credentials. The critical vulnerability (CVE-2025-20309) affects specific releases, with no workarounds available; updates are required to fix it. #Security https://t.co/ic7YCgo2ia

    @Strivehawk

    3 Jul 2025

    85 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. A critical Cisco flaw in Unified CM (CVE-2025-20309) allows attackers to gain root access via hardcoded credentials, risking system control. Affected versions: 15.0.1.13010-1 to 15.0.1.13017-1. 🛡️ #CiscoVuln #UnifiedCommunication #Japan https://t.co/y1sO0c306i

    @TweetThreatNews

    3 Jul 2025

    59 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  19. Cisco has addressed a critical vulnerability (CVE-2025-20309) in its Unified Communications Manager (Unified CM) that involved hardcoded root SSH credentials, allowing remote attackers to log in with root privileges. https://t.co/9FZgXBpeUI

    @securityRSS

    3 Jul 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. 📌 Cisco has released security updates to address a serious vulnerability in Unified Communications Manager that allows an attacker to log in as root using static credentials. The vulnerability, known as CVE-202

    @Cybercachear

    3 Jul 2025

    77 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. 🚨Cisco warns of hard-coded root SSH credentials in Cisco Unified CM (CVE-2025-20309) 🇺🇸Iran-linked hacker group threatens to publish more emails from Trump's inner circle 〜Cyber Alert, July 3〜 https:

    @MachinaRecord

    3 Jul 2025

    124 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. A CVSS score 10 vulnerability in Cisco Unified Communications Manager (CM). It affects Engineering-Special (ES) builds, including Session Management Edition. CVE-2025-20309 is a hard-coded backdoor credential. If the authentication logs show an SSH connection as root, that is a red

    @__kokumoto

    2 Jul 2025

    1365 Impressions

    8 Retweets

    13 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  23. leftover root credential 🫨 🟥 CVE-2025-20309, CVSS: 10.0 (#Critical, #Highest) #Cisco Unified Communications Manager and Session Management Edition #Vulnerability allows unauthenticated remote access via static root credentials. #CyberSecurity #CVE https://t.co/1DzpwhK

    @UjlakiMarci

    2 Jul 2025

    12283 Impressions

    21 Retweets

    47 Likes

    15 Bookmarks

    2 Replies

    2 Quotes

  24. 🚨CVE-2025-20309: A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account,

    @DarkWebInformer

    2 Jul 2025

    9757 Impressions

    13 Retweets

    39 Likes

    7 Bookmarks

    3 Replies

    2 Quotes

  25. CVE-2025-20309 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow … https://t.co/7q8hPiVGxE

    @CVEnew

    2 Jul 2025

    474 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

Configurations