Cisco has addressed a critical vulnerability in its Unified Communications Manager (Unified CM) that allowed remote attackers to access systems with root privileges through a backdoor account. The company recommends upgrading to the latest version or applying a specific patch to mitigate this maximum-severity flaw. #CVE202520309 #UnifiedCM #CyberVulnerability #RootAccessProtection
Key points
- Cisco removed a backdoor account in its Unified Communications Manager to prevent unauthorized root access.
- The vulnerability CVE-2025-20309 affects multiple versions of Cisco Unified CM and SME releases.
- Exploitation of this flaw could allow attackers to execute commands with root privileges remotely.
- There are no workarounds available; mitigation requires device upgrades or applying patches.
- Cisco has issued indicators of compromise and recommends monitoring system logs for exploitation attempts.