Login
Israel-Hamas Conflict
Independence Day
Donald Trump
Taxes
Social Media
Artificial Intelligence
Republican Party
Education
WWE
Boxing
Natural Disasters
Heatwaves
Wrestling
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Cisco Scores a Perfect 10 for a Critical Comms Flaw

  • Last Wednesday, Cisco issued an advisory revealing CVE-2025-20309 affects certain versions of Unified CM and Unified CM SME with hardcoded root SSH credentials.
  • Cisco's advisory reveals static root credentials embedded during development in certain Unified CM releases, intentionally for testing and never removed, creating a permanent backdoor.
  • Evidence shows IoCs include log entries in /var/log/active/syslog/secure, with no proof of active exploits so far, but successful attacks could grant root command execution.
  • Beyond this incident, previous hardcoded credentials appeared in Cisco IOS XE, WAAS, DNA Center, and Emergency Responder, with a second CVSS 10 flaw in a week, followed by recent ISE fixes.
Insights by Ground AI
Does this summary seem wrong?

14 Articles

All
Left
Center
3
Right
Tech RadarTech Radar
Reposted by
World NEWS LiveWorld NEWS Live
Center

Cisco warns of a serious security flaw in comms platform - and that it needs patching immediately

Researchers found hardcoded credentials in Cisco Unified Communications Manager

·United Kingdom
Read Full Article
The RegisterThe Register
Center

Cisco scores a perfect 10 for a critical comms flaw

: The second max score this week for Netzilla - not a good look

Read Full Article
BleepingComputerBleepingComputer
Reposted by
cybernoz.comcybernoz.com
Center

Cisco warns that Unified CM has hardcoded root SSH credentials

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges.

Read Full Article
Global Security Mag OnlineGlobal Security Mag Online

Vulnerability in Cisco Products (03 July 2025) – Global Security Mag Online

A vulnerability has been discovered in Cisco products. It allows an attacker to cause a circumvention of security policy. See online: https://www.cert.ssi.gouv.fr/avis/C...

Read Full Article
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators

CVE-2025-20309: Cisco Unified CM Flaw Enables Remote Root Access

CVE-2025-20309: Cisco Unified CM Flaw Enables Remote Root Access Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now a…

Read Full Article
Help Net SecurityHelp Net Security

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309) - Help Net Security

Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log into a vulnerable Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) platforms and use the acquired access to execute arbitrary commands with the highest privileges…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

cybernoz.com broke the news in on Wednesday, July 2, 2025.
Sources are mostly out of (0)

Similar News Topics

Cisco icon

Cisco

You have read 1 out of your 5 free daily articles.

News
For You
SearchBlindspotLocal