Cisco Unified Contact Center Express
cpe:2.3:a:cisco:unified_ccx:*:*:*:*:*:*:*
- <= 12.5 SU3
A remote code execution vulnerability has been identified in Cisco Unified Contact Center Express (CCX) versions 12.5 SU3 and earlier, and 15.0. The vulnerability arises from improper authentication in the Java Remote Method Invocation (RMI) process, which allows an unauthenticated, remote attacker to upload arbitrary files and execute commands with root privileges on the affected system. Exploitation involves uploading a crafted file through the Java RMI process, which could then be used to execute commands on the operating system.
Exploitation of this vulnerability could lead to unauthorized file uploads, arbitrary code execution with root privileges, and a complete compromise of the affected system.
Cisco has released software updates to address this vulnerability. Users are advised to upgrade to Cisco Unified CCX version 12.5 SU3 ES07 or 15.0 ES01. For guidance on obtaining these updates, consult the Cisco Support and Downloads page or contact the Cisco Technical Assistance Center (TAC).