Detections
Analytics
Cisco Unified Communications Manager (CUCM) Static SSH Credentials (cisco-sa-cucm-ssh-m4UBdpE7)
critical Nessus Plugin ID 241369
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
According to its self-reported version, Cisco Unified Communications Products is affected by a hard-coded credentials vulnerability.- A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. (CVE-2025-20309)
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Solution
Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwp27755See Also
Plugin Details
Severity: Critical
ID: 241369
File Name: cisco-sa-cucm-ssh-m4UBdpE7.nasl
Version: 1.1
Type: combined
Family: CISCO
Published: 7/4/2025
Updated: 7/4/2025
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.2
CVSS v2
Risk Factor: Info
Base Score: 0
Vector: CVSS2#AV:L/AC:H/Au:M/C:N/I:N/A:N
CVSS Score Source: CVE-2025-20309
CVSS v3
Risk Factor: Critical
Base Score: 10
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/a:cisco:unified_communications_manager
Required KB Items: Settings/ParanoidReport, Host/Cisco/CUCM/Version
Patch Publication Date: 7/2/2025
Vulnerability Publication Date: 7/2/2025
Reference Information
CVE: CVE-2025-20309