Cisco Unified CCX
cpe:2.3:h:cisco:unified_contact_center_express:*:*:*:*:*:*:*
- <= 12.5 SU3
- 12.5 SU3
- 15.0
A vulnerability exists in the web user interface of Cisco Unified Contact Center Express (CCX) versions 12.5 SU3 and earlier and 15.0, as well as Cisco Unified Contact Center Enterprise (CCE), Cisco Packaged Contact Center Enterprise (Packaged CCE), and Cisco Unified Intelligence Center (CUIC) versions 12.6 and earlier and 15.0. This vulnerability allows an authenticated, remote attacker to upload and execute arbitrary files on the underlying operating system. The issue arises from insufficient input validation related to specific UI features, enabling an attacker with valid administrative credentials to exploit the vulnerability by uploading a crafted file.
Exploitation of this vulnerability could lead to unauthorized file uploads and execution, allowing access to the underlying operating system. In the case of CVE-2025-20376, this could extend to remote code execution with elevated privileges.
Cisco has released software updates to address this vulnerability. For Cisco Unified CCX, users should upgrade to version 12.5 SU3 ES07 or 15.0 ES01. For Cisco Unified Intelligence Center, version 15.0(01) ES202508 is recommended. Instructions for obtaining these updates can be found on the Cisco Support and Downloads page.