CVE-2025-20275

{"id": "CVE-2025-20275", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-06-04T17:15:27.350", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-editor-rce-ezyYZte8", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device. \r\n\r\nThis vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted .aef file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it."}, {"lang": "es", "value": "Una vulnerabilidad en el proceso de apertura de archivos del editor de Cisco Unified Contact Center Express (Unified CCX) podr\u00eda permitir que un atacante no autenticado ejecute c\u00f3digo arbitrario en un dispositivo afectado. Esta vulnerabilidad se debe a la deserializaci\u00f3n insegura de objetos Java por parte del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad persuadiendo a un usuario local autenticado para que abra un archivo .aef manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el host que ejecuta la aplicaci\u00f3n del editor con los privilegios del usuario que la inici\u00f3."}], "lastModified": "2025-07-22T13:36:08.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:8.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED97AAD8-D02D-42AB-863A-7538A1F6D425"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:9.0\\(2\\)su3es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1202DE4-CA67-424E-8379-2BC13630F0C7"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31854EAF-89B5-40BB-98E7-7EBB2E867C96"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE1194F1-9CF5-460E-AF26-FB7CDC1EE878"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C277058-F33F-4E60-AE89-658CB6558D9A"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1es10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE358FF2-CB8A-4E0D-926E-ED151B585E52"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6F83A65-F3AC-4F6B-97A3-9FC582683BCB"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A766B903-E6DB-4838-90A7-63918C9F8AD9"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F1F0C70-E644-4DCA-93C2-6BCB331D08E6"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF54B434-E765-40B1-B12A-21FC7F415ACE"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60839544-11E0-4381-A9AA-21D6FB403F88"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D8114CF-6689-4C97-BD5D-07CC8EEF35A2"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D90986B-64ED-44A1-9CF1-7C9FD27555FF"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "442E4715-5043-4BF7-8961-C8844A00A7B5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C17A2AB-33B3-4089-A701-A29A4E55D667"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC6FFA8B-248F-42C7-8A06-3F7E158386EE"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F529FE5-1DE8-43A5-88EE-0980D3A55BCF"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "766350AF-1B2F-4DC0-9DA3-E17B45892163"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "702E48CC-3858-491C-A328-5D9ADDDC8DC0"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20CF8B80-28C0-407B-BA60-1B07694A3DFA"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59A30F7B-9756-40BD-89C1-60E2702CC806"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29A15BB5-0725-4159-B387-74CFBF58F349"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82F5416D-0DF3-48BB-8A23-DBC2B0746195"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "908E3B03-7248-44B4-B0DE-E3B3F7FA9555"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1705F343-BF9D-4EBC-B833-64F03EDD7C27"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "686F6450-99FC-4260-B9CE-B7F313464EFB"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93851C02-3E0A-41F1-82BB-24546A83E272"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E25C7A-42B4-40CE-A13B-0252C05FCFD5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es07:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A92970B-53FD-4ED6-95BC-FDC7BB6780CB"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es08:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE8E4137-3059-46B0-B241-2AA42A3D959E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30A8784D-B7A6-4F13-B89D-4ED910CC0576"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B368DEE7-7639-4D46-997B-2F2409712CAA"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B721320B-C72C-4550-B585-9F43439FAB25"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5F18549-A002-4106-9740-6B641E0ECF8E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFF4AD59-6A04-4473-84E0-D99D24D99BC4"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9715BD0-F519-462E-ACF6-859B203638D5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB2C8F59-78F2-4E3A-8261-F4EF214F691A"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3117461-56A5-4957-8BE0-83F44B66AE3E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B279AE4-9CF7-49F1-A4C3-D8A6301EF136"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "860ACAB6-5CB9-468C-90C4-B7C8E9559D2A"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB2D8357-773D-492F-BC5B-F672C4D736A7"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51D7EEFA-D04C-4769-8C62-B8B5902F79ED"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E31A16D3-3B40-42EA-BAC3-05A13082CED2"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21F08B08-23C1-4AD7-AD67-34D196C8470E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05AD3A80-2409-475E-87F5-430E51C53087"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49165652-275C-4AD9-9585-2F130989D404"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4480EF1-226E-459E-B2F5-3985A219BBD5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A408698-6123-4772-8D11-FE89EBB135D0"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80F9AF5B-3670-4910-9AD8-C1FB90C7190B"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78DAF852-5CA1-4D2B-948B-F0E9FB9DA973"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83EDDAAF-0746-4851-B7E5-60E4ED039D02"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BF183D9-CDF6-44D9-B529-F13666A3EE07"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}