Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could allow an attacker to log in to a susceptible device as the root user, gaining elevated privileges.
The vulnerability, tracked as CVE-2025-20309, carries a CVSS score of 10.0.
“This vulnerability is caused by the presence of static credentials for the root account that is reserved for use during development,” Cisco said in an advisory released on Wednesday.
“The attacker can exploit this vulnerability by using the account to log in to the affected system. A successful exploit can allow the attacker to log in to the affected system and execute arbitrary commands as the root user.”
Hard-coded credentials like this usually come from testing or quick fixes during development, but they should never make it into live systems. In tools such as Unified CM, which handle voice calls and communication across a company, root access can let attackers move deeper into the network, listen in on calls, or change how users log in.
The networking equipment major said it has seen no evidence of the flaw being exploited in the wild, and that it was discovered during internal security testing.
CVE-2025-20309 affects Unified CM and Unified CM SME versions 15.1.130110 to 15.0.13017-1, regardless of the device’s configuration.
Cisco also released indicators of compromise (IoCs) associated with the flaw, saying that successful exploitation will result in a log entry in “/var/log/active/syslog/secure” for the root user with root permissions. The log can be retrieved by running the command below from the command line interface:
cucm1# file get activelog syslog/secure
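Once the file has been retrieved, it can be triaged offline for root logins. The script below is an added example, not code from Cisco's advisory or from this article; it assumes the log uses standard Linux sshd/PAM message wording, treats only the `sshd`, `systemd-user` and `login` PAM services as interactive (an assumption), and runs on constructed sample lines.

```python
import re
import sys

# Constructed sample lines in a generic syslog/PAM style. The exact line
# format on a real Unified CM node is an assumption and may differ.
SAMPLE_LOG = """\
Jul  2 09:14:02 cucm1 authpriv 6 sshd: pam_unix(sshd:session): session opened for user admin by (uid=0)
Jul  2 09:20:41 cucm1 authpriv 6 sshd: Accepted password for root from 192.0.2.44 port 50122 ssh2
Jul  2 09:20:41 cucm1 authpriv 6 sshd: pam_unix(sshd:session): session opened for user root by (uid=0)
Jul  2 09:20:41 cucm1 authpriv 6 systemd: pam_unix(systemd-user:session): session opened for user root by (uid=0)
Jul  2 09:31:10 cucm1 authpriv 5 sshd: Failed password for root from 192.0.2.44 port 50130 ssh2
Jul  2 09:45:00 cucm1 authpriv 6 crond: pam_unix(crond:session): session opened for user root by (uid=0)
"""

# Successful SSH authentication as root (password or key).
ACCEPTED = re.compile(
    r"sshd(?:\[\d+\])?: Accepted (?P<method>\S+) for root from (?P<src>\S+)")
# PAM session opened for root; the PAM service name is captured so that
# scheduled jobs (crond) can be separated from interactive logins.
SESSION = re.compile(
    r"pam_unix\((?P<pam>[\w-]+):session\): session opened for user root\b")
# Assumption: PAM services that indicate a person logging in.
INTERACTIVE = {"sshd", "systemd-user", "login"}


def find_root_logins(log_text):
    """Return (line_number, kind, detail) for each root login indicator."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        m = ACCEPTED.search(line)
        if m:
            hits.append((n, "ssh-auth", m.group("src")))
            continue
        m = SESSION.search(line)
        if m and m.group("pam") in INTERACTIVE:
            hits.append((n, "session", m.group("pam")))
    return hits


if __name__ == "__main__":
    # Pass the path of the retrieved secure log, or run with no argument
    # to scan the constructed sample.
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE_LOG
    for line_no, kind, detail in find_root_logins(text):
        print(f"line {line_no}: root {kind} ({detail})")
```

Failed attempts and cron sessions are deliberately not reported, so any hit is a completed root login worth correlating with change records and the source address.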
The development comes only a few days after the company fixed two security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (CVE-2015-20281 and CVE-2015-20282) that could allow an unauthorized attacker to execute arbitrary commands as the root user.