Cisco fixes critical UCCX flaw allowing Root command execution
Cisco has addressed a critical vulnerability (CVE-2025-20354) in its Unified Contact Center Express (UCCX) software, which could allow remote attackers to execute commands with root privileges. The flaw stems from improper authentication in the Java RMI process, enabling unauthenticated attackers to upload files and run commands on affected systems.