CVE-2025-20275 – Cisco Unified Contact Center Express Java Deserialization Code Execution Vulnerability

June 4, 2025

CVE ID : CVE-2025-20275

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device.

This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted .aef file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20276 – “Cisco Unified CCX Java Deserialization Remote Code Execution Vulnerability”

Next Article CVE-2025-20259 – Cisco ThousandEyes Endpoint Agent for Windows Symbolic Link File Deletion Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-20275 – Cisco Unified Contact Center Express Java Deserialization Code Execution Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Google DeepMind’s CEO says Gemini’s upgrades could lead to AGI — but he still thinks society isn’t “ready for it”

CVE-2025-6032 – Podman TLS Certificate Verification Bypass Vulnerability

CVE-2025-4906 – “PHPGurukul Notice Board System SQL Injection Vulnerability”

Microsoft at 50: Its incredible rise, 15 lost years, and stunning comeback – in 4 charts

CVE-2024-55569 – Samsung Exynos Out-of-Bounds Write Vulnerability

CVE-2025-5277 – Amazon Web Services (AWS) MCP-Server Command Injection Vulnerability

Argonaut DTO Package for Laravel

CVE-2025-47420 – Crestron Automate VX Privilege Escalation Vulnerability

CVE-2025-20275 – Cisco Unified Contact Center Express Java Deserialization Code Execution Vulnerability

Related Posts