CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-20309: Cisco Unified Communications Manager Static SSH Credentials Vulnerability

10.0 CVSS

Description

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.

This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.

Classification

CVE ID: CVE-2025-20309

CVSS Base Severity: CRITICAL

CVSS Base Score: 10.0

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Problem Types

Use of Hard-coded Credentials

Affected Products

Vendor: Cisco

Product: Cisco Unified Communications Manager Session Management Edition Engineering Special

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.17% (probability of being exploited)

EPSS Percentile: 39.3% (scored less or equal to compared to others)

EPSS Date: 2025-07-14 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-20309
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7

Timeline

2025-07-02 16:00:41 UTC
Cisco Security Advisory

Cisco Unified Communications Manager Static SSH Credentials Vulnerability
2025-07-02 17:40:21 UTC
CVE

Cisco Unified Communications Manager Static SSH Credentials Vulnerability
2025-07-03 05:30:34 UTC
TheHackerNews

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials