Cisco Unified CCX
cpe:2.3:h:cisco:unified_contact_center_express:*:*:*:*:*:*:*, +4 more
A remote code execution vulnerability exists in the web UI of Cisco Unified Contact Center Express (CCX) versions 12.5 SU3 and earlier and 15.0, as well as Cisco Unified Contact Center Enterprise (CCE), Cisco Packaged Contact Center Enterprise (Packaged CCE), and Cisco Unified Intelligence Center (CUIC) versions 12.6 and earlier and 15.0. This vulnerability allows an authenticated, remote attacker to upload and execute arbitrary files. The issue arises from inadequate input validation in the file upload mechanisms. Exploitation of this vulnerability could enable the attacker to execute arbitrary commands on the underlying system and elevate privileges to root.
Exploitation of this vulnerability could allow an authenticated, remote attacker to upload and execute arbitrary files, leading to unauthorized command execution on the system with elevated privileges.
Cisco has released software updates to address this vulnerability. For Cisco Unified CCX, users should upgrade to version 12.5 SU3 ES07 or 15.0 ES01. For Cisco Unified Intelligence Center, users should upgrade to version 15.0(01) ES202508. Instructions for obtaining the fixed software are available on the Cisco Support and Downloads page.