Multiple Cisco Unified CCX Flaws Allow Attackers to Execute Arbitrary Commands

Cisco has disclosed critical remote code execution vulnerabilities affecting Cisco Unified Contact Center Express (CCX), exposing organizations to severe security risks.

The advisory details two independent vulnerabilities in the Java Remote Method Invocation (RMI) process that could allow unauthenticated attackers to gain complete system control, including root-level privileges.

The Threat Landscape

The vulnerabilities represent a significant threat to contact center operations worldwide. Attackers can exploit these flaws without authentication or user interaction, making them particularly dangerous in real-world scenarios.

The Java RMI process in Cisco Unified CCX, which handles critical communication functions, contains improper authentication mechanisms that create multiple attack vectors.

The first vulnerability enables attackers to upload arbitrary files and execute commands with root permissions on affected systems.

The second vulnerability allows…