10.0
CRITICAL
CVE-2025-20309
Cisco Unified Communications Manager/Cisco Unified Communications Manager Session Management Edition Root Account Default Credential Vulnerability
Description

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.

INFO

Published Date :

July 2, 2025, 5:15 p.m.

Last Modified :

July 3, 2025, 3:23 p.m.

Remotely Exploitable :

Yes !

Impact Score :

6.0

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2025-20309 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Cisco unified_communications_manager
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-20309.

URL Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7 Patch Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-20309 vulnerability anywhere in the article.

  • The Cyber Express
Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Fixed, 17 High-Risk

Patch Tuesday for July 2025 was the busiest day for Microsoft fixes since January, with 130 Microsoft CVEs patched – including 17 ones at high risk for exploitation. July’s total also included 10 non- ... Read more

Published Date: Jul 08, 2025 (5 days, 15 hours ago)
  • Help Net Security
Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) If you haven’t ... Read more

Published Date: Jul 06, 2025 (1 week, 1 day ago)
  • Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cisco Issues Emergency Fix for Critical Root Credential Flaw in Unified CM

Cisco, a leading networking hardware company, has issued an urgent security alert and released updates to address a severe vulnerability in its Unified Communications Manager (Unified CM) and Unified ... Read more

Published Date: Jul 04, 2025 (1 week, 3 days ago)
  • TheCyberThrone
EchoLeak Vulnerability in Microsoft 365 Copilot

Skip to contentOverviewEchoLeak is a critical zero-click vulnerability found in Microsoft 365 Copilot, revealed in 2025 by AIM Security. The flaw allowed attackers to steal sensitive enterprise data w ... Read more

Published Date: Jul 04, 2025 (1 week, 3 days ago)
  • Help Net Security
Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)

Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log ... Read more

Published Date: Jul 03, 2025 (1 week, 4 days ago)
  • Cyber Security News
Cisco Unified CM Vulnerability Allows Remote Attacker to Login As Root User

A severe vulnerability in Cisco Unified Communications Manager (Unified CM) systems could allow remote attackers to gain root-level access to affected devices. The vulnerability, designated CVE-2025-2 ... Read more

Published Date: Jul 03, 2025 (1 week, 4 days ago)
  • security.nl
Cisco waarschuwt voor kritiek lek door hardcoded SSH-wachtwoord

Cisco waarschuwt organisaties die van Cisco Unified Communications Manager gebruikmaken voor een root-account met een hardcoded SSH-wachtwoord dat niet is te veranderen of verwijderen. Via het wachtwo ... Read more

Published Date: Jul 03, 2025 (1 week, 4 days ago)
  • The Cyber Express
Cisco Issues Urgent Patch for Critical Unified CM Vulnerability (CVE-2025-20309)

Cisco has issued a new security advisory addressing a severe vulnerability in its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM ... Read more

Published Date: Jul 03, 2025 (1 week, 4 days ago)
  • The Hacker News
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

Vulnerability / Network Security Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Sessi ... Read more

Published Date: Jul 03, 2025 (1 week, 4 days ago)
  • TheCyberThrone
CVE-2025-20309 affects Cisco Unified CM

Skip to content🔎 Vulnerability OverviewCVE ID: CVE-2025-20309Severity: Critical (CVSS v3.1 Score: 10.0)Discovered in: Cisco Unified Communications Manager (Unified CM) and Session Management Edition ( ... Read more

Published Date: Jul 03, 2025 (1 week, 4 days ago)
  • Daily CyberSecurity
CVE-2025-20309 (CVSS 10): Cisco Patches Critical Static SSH Root Credential Flaw in Unified CM

Cisco has disclosed a critical vulnerability in its Unified Communications Manager (Unified CM) and Session Management Edition (SME) platforms. Tracked as CVE-2025-20309 and rated CVSS 10, the flaw ex ... Read more

Published Date: Jul 03, 2025 (1 week, 4 days ago)
  • The Register
Cisco scores a perfect 10 - sadly for a critical flaw in its comms platform

If you're running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco's urgent patch after someone at Switchzilla mad ... Read more

Published Date: Jul 02, 2025 (1 week, 4 days ago)
  • BleepingComputer
Cisco warns that Unified CM has hardcoded root SSH credentials

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. Cisco Unified ... Read more

Published Date: Jul 02, 2025 (1 week, 4 days ago)

The following table lists the changes that have been made to the CVE-2025-20309 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Jul. 03, 2025

    Action Type Old Value New Value
    Added CPE Configuration OR *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13010-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13010-1:*:*:*:session_management:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13011-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13011-1:*:*:*:session_management:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13012-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13012-1:*:*:*:session_management:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13013-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13014-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13015-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13016-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13017-1:*:*:*:-:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13013-1:*:*:*:session_management:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13014-1:*:*:*:session_management:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13015-1:*:*:*:session_management:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13016-1:*:*:*:session_management:*:*:* *cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13017-1:*:*:*:session_management:*:*:*
    Added Reference Type Cisco Systems, Inc.: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7 Types: Patch, Vendor Advisory
  • New CVE Received by [email protected]

    Jul. 02, 2025

    Action Type Old Value New Value
    Added Description A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    Added CWE CWE-798
    Added Reference https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-20309 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-20309 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
© cvefeed.io
Latest DB Update: Jul. 14, 2025 11:38