Cisco Unified Communications Manager (Unified CM) & Cisco Unified Communications Manager Session Management Edition (Unified CM SME) – could allow an unauthenticated remote attacker to log in to an affected device using the root account which has default static credentials that cannot be changed or deleted

The vulnerability (tracked as CVE-2025-20309) was rated as maximum severity and it is caused by static user credentials for the root account which were intended for use during development and testing

This entry was posted on Donnerstag, Juli 3rd, 2025 at 16:53 and is filed under Administration, Security Solution. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.