Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to login to a susceptible device as the root user, allowing them to gain elevated privileges.
The vulnerability, tracked as CVE-2025-20309, carries a CVSS score



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/07/critical-cisco-vulnerability-in-unified.html