CVE-2025-20309

Published Jul 2, 2025

Last updated 14 days ago

CVSS critical 10.0
Cisco
Unified CM

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-20309 is a vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). It could allow an unauthenticated, remote attacker to log in to an affected device using the root account. The root account has default, static credentials that cannot be changed or deleted. The vulnerability exists because of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the root account to log in to an affected system. Successful exploitation could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. This vulnerability affects Cisco Unified CM and Unified CM SME Engineering Special (ES) releases 15.0.1.13010-1 through 15.0.1.13017-1, regardless of device configuration.

Description
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.
Source: psirt@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1
Type: Secondary
Base score: 10
Impact score: 6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

psirt@cisco.com: CWE-798

Social media

Hype score
Not currently trending
  1. Critical Cisco vuln (CVE-2025-20309) Affects ES builds of Unified CM & Unified CM SME. 🔐 Hardcoded root creds that can’t be changed or deleted 🔥 CVSS: 10.0 💥 Exploitable for root access on vulnerable systems Patch ASAP.

    @cyber_sec_raj, 13 Jul 2025: 28 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  2. #CybersecurityNEWS🔴👨💻👾 Cisco has fixed a vulnerability rated at maximum severity (CVE-2025-20309) in its Unified CM and SME platforms. See more: https://t.co/IS0oGvF0bH #ciberseguridad #DevelNews https://t.co/DV8IQwo15x

    @develsecurity, 11 Jul 2025: 25 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  3. CVE-2025-20309 in Cisco Unified CM exposed root credentials via static credentials used in development; exploitation consisted of an SSH login as the root user with a hardcoded password, giving full control of the call management system.

    @hashtagsec, 11 Jul 2025: 31 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes

  4. Oh. Yes, it is the year 2025, and Cisco is still struggling with last-millennium problems in its new products: CVE-2025-20309, Cisco Unified Communications Manager:

    @ClemensZauner, 7 Jul 2025: 47 impressions, 0 retweets, 2 likes, 0 bookmarks, 1 reply, 0 quotes

  5. 🚨 🔐 Cisco Unified CM (CVE-2025-20309, CVSS 10.0): Root backdoor grants full access. Patch IMMEDIATELY! #CiscoSecurity https://t.co/nNSjvYXDQo

    @CyberWolfGuard, 7 Jul 2025: 17 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  6. This week’s threat update highlights CVE-2025-5777 (Citrix Netscaler) & CVE-2025-20309 (Cisco), actively exploited by APT28 & MuddyWater. Emerging malware includes Flodrix botnets & steganography-based evasion. #CitrixBleed #Iran #Malware https://t.co/COO7mWyL0P

    @TweetThreatNews, 7 Jul 2025: 157 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes

  7. Actively exploited CVE : CVE-2025-20309

    @transilienceai, 6 Jul 2025: 24 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes

  8. Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials. The vulnerability, tracked as CVE-2025-20309, carries a CVSS score of 10.0 and could permit an attacker to log in to a susceptible device as the root user. https://t.co/VifbwpPO0T https://t.co/UmVBja

    @riskigy, 5 Jul 2025: 36 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  9. Actively exploited CVE : CVE-2025-20309

    @transilienceai, 5 Jul 2025: 24 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes

  10. I wonder if that Cisco root password (CVE-2025-20309) was something really simple like root, toor, devroot or if they used something more complex. You are welcome to post some funny wrong passwords 😺

    @sekurlsa_pw, 4 Jul 2025: 1714 impressions, 1 retweet, 7 likes, 1 bookmark, 6 replies, 0 quotes

  11. Urgent: Over 1,000 Cisco Unified Communications Manager devices exposed to a critical CVSS 10.0 flaw (CVE-2025-20309). Hard-coded credentials enable root access, risking widespread compromise. 🌐🔓 #Cisco #Security #USA https://t.co/aWtHerOZaP

    @TweetThreatNews, 4 Jul 2025: 103 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes

  12. 10/10 vulnerability in CISCO UCM allows "root" access without authentication. The vulnerability, identified as CVE-2025-20309, has a CVSS score of 10.0. #ciberseguridad #cybersecurity https://t.co/cwEcRILmP2

    @EHCGroup, 4 Jul 2025: 54 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  13. Why is Cisco's security flaw a ticking time bomb? Cisco's Unified CM has a critical flaw that could let hackers take over systems. This bug, CVE-2025-20309, allows root access using static credentials. It's a big deal because it can let anyone run any command they want.

    @358technews, 4 Jul 2025: 37 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes

  14. Critical Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) #Cisco #CiscoUnifiedCommunications #CVE202520309 #CyberSecurity #SSH https://t.co/R7XCOM4Nej https://t.co/fmAfP5SI2R

    @SystemTek_UK, 4 Jul 2025: 40 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  15. A critical vulnerability (CVE-2025-20309) in Cisco's Unified Communications Manager has surfaced, rated CVSS 10 out of 10. This flaw allows root-level remote access due to hard-coded credentials, posing a massive risk for organizations relying on these systems, despite it bein...

    @CybrPulse, 4 Jul 2025: 26 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes

  16. 🚨We are warning of a critical vulnerability in the Cisco Unified Communications Manager (Unified CM) and Session Management Edition (SME) communications platform, CVE-2025-20309. The vulnerability could allow a remote, unauthenticated attacker SSH access to an affected

    @GOVCERT_CZ, 4 Jul 2025: 339 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes

  17. 🚨Alert🚨 "CVE-2025-20309" (CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability !!! #Cisco #hunterhow #infosec #infosecurity #OSINT #Vulnerability https://t.co/LMWgTiUOVK

    @B1ackash, 4 Jul 2025: 55 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes

  18. This is a zero-click remote code execution for which immediate action is recommended, since there is no workaround, no authentication is required, and root privileges can be obtained. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS s

    @t_nihonmatsu, 4 Jul 2025: 435 impressions, 3 retweets, 11 likes, 3 bookmarks, 0 replies, 0 quotes

  19. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS score 10.0 https://t.co/80q2C9P4mn

    @t_nihonmatsu, 4 Jul 2025: 26 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  20. Cisco Unified Communications Manager Static SSH Credentials Vulnerability (CVE-2025-20309) CVSS score 10.0. Since there is no workaround, no authentication is required, and root privileges can be obtained, immediate action is strongly recommended; this is a zero-click remote code

    @t_nihonmatsu, 4 Jul 2025: 43 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  21. 🚨Alert🚨 CVE-2025-20309(CVSS 10) : Cisco Unified Communications Manager Static SSH Credentials Vulnerability 📊1.6k Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/R8bGNV7IoK 👇Query HUNTER : https://t.co/q9rtuGgxk7="Cisco Unified h

    @HunterMapping, 4 Jul 2025: 2132 impressions, 12 retweets, 31 likes, 10 bookmarks, 2 replies, 0 quotes

  22. Cisco has issued an urgent security warning about a highly critical vulnerability in its Unified Communications Manager (Unified CM) systems and the Session Management Edition (Unified CM SME)… and this vulnerability carries the highest possible severity rating: CV

    @M_Alhamadee, 3 Jul 2025: 66 impressions, 0 retweets, 0 likes, 0 bookmarks, 2 replies, 0 quotes

  23. ⚠️Vulnerability in Cisco Unified CM ❗CVE-2025-20309 ➡️More info: https://t.co/6xpTSzzi6h https://t.co/76zwRZ6V4T

    @CERTpy, 3 Jul 2025: 148 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  24. 🚨 CRITICAL: Cisco patches CVE-2025-20309 (CVSS 10/10) Hardcoded root creds in Unified CM that CAN'T be removed! Dev credentials left in production = full system compromise risk. Patch NOW if running affected versions! 🛡️ #CyberSecurity #Cisco https://t.co/JDVPCqBFWI

    @BiztechNarrator, 3 Jul 2025: 7 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  25. Critical #Cisco vulnerability for the Unified Communications Manager software. Hardcoded root credentials. No workarounds, only software updates will fix it. CVE-2025-20309 https://t.co/xfbPg3p7PJ

    @ct_is, 3 Jul 2025: 15 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  26. Cisco CVE-2025-20309: “allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.” @vxunderground Is the password infected? https://t.co/ZLWXH1Yls0

    @sekurlsa_pw, 3 Jul 2025: 214 impressions, 0 retweets, 2 likes, 0 bookmarks, 0 replies, 0 quotes

  27. #Cisco fixes maximum-severity flaw in enterprise #unified comms platform (#CVE-2025-20309) https://t.co/ywCn53AxMB

    @ScyScan, 3 Jul 2025: 33 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  28. A critical vulnerability (CVE-2025-20309) in Cisco Unified CM systems allows remote attackers to gain root access without authentication, posing serious risks to organizations. With a maximum CVSS score of 10.0, the urgency for immediate patching is undeniable, especially sinc...

    @CybrPulse, 3 Jul 2025: 47 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes

  29. #Cisco fixes maximum-severity flaw in #enterprise unified comms platform (CVE-2025-20309) https://t.co/MsQZgYOhLP https://t.co/dZsGbfRSm5

    @evanderburg, 3 Jul 2025: 21 impressions, 0 retweets, 0 likes, 1 bookmark, 0 replies, 0 quotes

  30. 🗞️ A critical vulnerability (CVE-2025-20309) with a perfect 10.0 CVSS score has been found in Cisco's Unified Communications Manager. This flaw could allow attackers to gain complete control of affected systems. Key takeaways: 🧵 https://t.co/Q9Nc7lkHZd

    @gossy_84, 3 Jul 2025: 139 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes

  31. Cisco removed a backdoor account from Unified CM, allowing remote attackers root access via static credentials. The critical vulnerability (CVE-2025-20309) affects specific releases, with no workarounds available; updates are required to fix it. #Security https://t.co/ic7YCgo2ia

    @Strivehawk, 3 Jul 2025: 85 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  32. A critical Cisco flaw in Unified CM (CVE-2025-20309) allows attackers to gain root access via hardcoded credentials, risking system control. Affected versions: 15.0.1.13010-1 to 15.0.1.13017-1. 🛡️ #CiscoVuln #UnifiedCommunication #Japan https://t.co/y1sO0c306i

    @TweetThreatNews, 3 Jul 2025: 59 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes

  33. Cisco has addressed a critical vulnerability (CVE-2025-20309) in its Unified Communications Manager (Unified CM) that involved hardcoded root SSH credentials, allowing remote attackers to log in with root privileges. https://t.co/9FZgXBpeUI

    @securityRSS, 3 Jul 2025: 31 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  34. 📌 Cisco has released security updates to address a serious vulnerability in Unified Communications Manager that allows an attacker to log in as root using static credentials. The vulnerability, known as CVE-202

    @Cybercachear, 3 Jul 2025: 77 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  35. 🚨Cisco warns of hardcoded root SSH credentials in Cisco Unified CM (CVE-2025-20309) 🇺🇸Iran-linked hacker group threatens to publish more emails of Trump associates 〜Cyber Alert, July 3〜 https:

    @MachinaRecord, 3 Jul 2025: 124 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  36. Cisco Unified Communications Manager (CM) has a vulnerability with a CVSS score of 10. It affects Engineering-Special (ES) builds, including Session Management Edition. CVE-2025-20309 is a hardcoded backdoor credential. If your authentication logs show an SSH connection as root, that is a red

    @__kokumoto, 2 Jul 2025: 1365 impressions, 8 retweets, 13 likes, 1 bookmark, 0 replies, 0 quotes

  37. leftover root credential 🫨 🟥 CVE-2025-20309, CVSS: 10.0 (#Critical, #Highest) #Cisco Unified Communications Manager and Session Management Edition #Vulnerability allows unauthenticated remote access via static root credentials. #CyberSecurity #CVE https://t.co/1DzpwhK

    @UjlakiMarci, 2 Jul 2025: 12283 impressions, 21 retweets, 47 likes, 15 bookmarks, 2 replies, 2 quotes

  38. 🚨CVE-2025-20309: A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account,

    @DarkWebInformer, 2 Jul 2025: 9757 impressions, 13 retweets, 39 likes, 7 bookmarks, 3 replies, 2 quotes

  39. CVE-2025-20309 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow … https://t.co/7q8hPiVGxE

    @CVEnew, 2 Jul 2025: 474 impressions, 0 retweets, 0 likes, 1 bookmark, 0 replies, 0 quotes

Configurations