Cisco UB CLI: Authenticated Local RCE via Arg Validation
CVE-2025-20278 Published on June 4, 2025
Cisco Unified Communications Products Command Injection Vulnerability
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.
This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
Vulnerability Analysis
CVE-2025-20278 is exploitable with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
HIGH
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
NONE
Weakness Type
What is a Command Injection Vulnerability?
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CVE-2025-20278 has been classified to as a Command Injection vulnerability or weakness.
Products Associated with CVE-2025-20278
Want to know whenever a new CVE is published for Cisco products? stack.watch will email you.
Affected Versions
Cisco Finesse:- Version 11.0(1)ES_Rollback is affected.
- Version 10.5(1)ES4 is affected.
- Version 11.6(1)ES3 is affected.
- Version 11.0(1)ES2 is affected.
- Version 12.0(1)ES2 is affected.
- Version 10.5(1)ES3 is affected.
- Version 11.0(1) is affected.
- Version 11.6(1)FIPS is affected.
- Version 11.6(1)ES4 is affected.
- Version 11.0(1)ES3 is affected.
- Version 10.5(1)ES6 is affected.
- Version 11.0(1)ES7 is affected.
- Version 11.5(1)ES4 is affected.
- Version 10.5(1)ES8 is affected.
- Version 11.5(1) is affected.
- Version 11.6(1) is affected.
- Version 10.5(1)ES10 is affected.
- Version 11.6(1)ES2 is affected.
- Version 11.6(1)ES is affected.
- Version 11.0(1)ES6 is affected.
- Version 11.0(1)ES4 is affected.
- Version 12.0(1) is affected.
- Version 11.6(1)ES7 is affected.
- Version 10.5(1)ES7 is affected.
- Version 11.6(1)ES8 is affected.
- Version 11.5(1)ES1 is affected.
- Version 11.6(1)ES1 is affected.
- Version 11.5(1)ES5 is affected.
- Version 11.0(1)ES1 is affected.
- Version 10.5(1) is affected.
- Version 11.6(1)ES6 is affected.
- Version 10.5(1)ES2 is affected.
- Version 12.0(1)ES1 is affected.
- Version 11.0(1)ES5 is affected.
- Version 10.5(1)ES5 is affected.
- Version 11.5(1)ES3 is affected.
- Version 11.5(1)ES2 is affected.
- Version 10.5(1)ES9 is affected.
- Version 11.6(1)ES5 is affected.
- Version 11.6(1)ES9 is affected.
- Version 11.5(1)ES6 is affected.
- Version 10.5(1)ES1 is affected.
- Version 12.5(1) is affected.
- Version 12.0(1)ES3 is affected.
- Version 11.6(1)ES10 is affected.
- Version 12.5(1)ES1 is affected.
- Version 12.5(1)ES2 is affected.
- Version 12.0(1)ES4 is affected.
- Version 12.5(1)ES3 is affected.
- Version 12.0(1)ES5 is affected.
- Version 12.5(1)ES4 is affected.
- Version 12.0(1)ES6 is affected.
- Version 12.5(1)ES5 is affected.
- Version 12.5(1)ES6 is affected.
- Version 12.0(1)ES7 is affected.
- Version 12.6(1) is affected.
- Version 12.5(1)ES7 is affected.
- Version 11.6(1)ES11 is affected.
- Version 12.6(1)ES1 is affected.
- Version 12.0(1)ES8 is affected.
- Version 12.5(1)ES8 is affected.
- Version 12.6(1)ES2 is affected.
- Version 12.6(1)ES3 is affected.
- Version 12.6(1)ES4 is affected.
- Version 12.6(1)ES5 is affected.
- Version 12.5(2) is affected.
- Version 12.5(1)_SU is affected.
- Version 12.5(1)SU is affected.
- Version 12.6(1)ES6 is affected.
- Version 12.5(1)SU ES1 is affected.
- Version 12.6(1)ES7 is affected.
- Version 12.6(1)ES7_ET is affected.
- Version 12.6(2) is affected.
- Version 12.6(1)ES8 is affected.
- Version 12.6(1)ES9 is affected.
- Version 12.6(2)ES1 is affected.
- Version 12.6(1)ES10 is affected.
- Version 12.5(1)SU ES2 is affected.
- Version 12.6(1)ES11 is affected.
- Version 12.6(2)ES2 is affected.
- Version 12.6(2)ES3 is affected.
- Version 12.5(1)SU ES3 is affected.
- Version 12.6(2)ES4 is affected.
- Version 12.6(2)ES5 is affected.
- Version 12.5(1)ES01 is affected.
- Version 10.5(1) is affected.
- Version 11.6(1) is affected.
- Version 10.6(1) is affected.
- Version 12.0(1)ES04 is affected.
- Version 10.6(2) is affected.
- Version 12.5(1) is affected.
- Version 11.6(2) is affected.
- Version 12.0(1) is affected.
- Version 12.0(1)ES02 is affected.
- Version 11.0(1) is affected.
- Version 11.5(1) is affected.
- Version 11.5(1)SU1 is affected.
- Version 12.0(1)ES03 is affected.
- Version 12.5(1)SU3 is affected.
- Version 12.5(1)SU1 is affected.
- Version 12.5(1)SU2 is affected.
- Version 12.5(1)SU2 is affected.
- Version 12.5(1)SU1 is affected.
- Version 12.5(1) is affected.
- Version 12.5(1)SU3 is affected.
- Version 12.5(1)SU4 is affected.
- Version 14 is affected.
- Version 12.5(1)SU5 is affected.
- Version 14SU1 is affected.
- Version 12.5(1)SU6 is affected.
- Version 14SU2 is affected.
- Version 12.5(1)SU7 is affected.
- Version 12.5(1)SU7a is affected.
- Version 14SU3 is affected.
- Version 12.5(1)SU8 is affected.
- Version 12.5(1)SU8a is affected.
- Version 15 is affected.
- Version 15SU1 is affected.
- Version 14SU4 is affected.
- Version 14SU4a is affected.
- Version 15SU1a is affected.
- Version 12.5(1)SU9 is affected.
- Version 12.5(1) is affected.
- Version 12.5(1)SU1 is affected.
- Version 12.5(1)SU2 is affected.
- Version 12.5(1)SU3 is affected.
- Version 12.5(1)SU4 is affected.
- Version 14 is affected.
- Version 12.5(1)SU5 is affected.
- Version 14SU1 is affected.
- Version 12.5(1)SU6 is affected.
- Version 14SU2 is affected.
- Version 14SU2a is affected.
- Version 12.5(1)SU7 is affected.
- Version 14SU3 is affected.
- Version 12.5(1)SU8 is affected.
- Version 15 is affected.
- Version Recovery ISO is affected.
- Version 15SU1 is affected.
- Version 14SU4 is affected.
- Version 12.5(1)SU9 is affected.
- Version 10.6(1) is affected.
- Version 10.5(1)SU1 is affected.
- Version 10.6(1)SU3 is affected.
- Version 12.0(1) is affected.
- Version 10.0(1)SU1 is affected.
- Version 10.6(1)SU1 is affected.
- Version 11.0(1)SU1 is affected.
- Version 11.5(1)SU1 is affected.
- Version 10.5(1) is affected.
- Version 11.6(1) is affected.
- Version 11.6(2) is affected.
- Version 12.5(1) is affected.
- Version 12.5(1)SU1 is affected.
- Version 12.5(1)SU2 is affected.
- Version 12.5(1)SU3 is affected.
- Version 12.5(1)_SU03_ES01 is affected.
- Version 12.5(1)_SU03_ES02 is affected.
- Version 12.5(1)_SU02_ES03 is affected.
- Version 12.5(1)_SU02_ES04 is affected.
- Version 12.5(1)_SU02_ES02 is affected.
- Version 12.5(1)_SU01_ES02 is affected.
- Version 12.5(1)_SU01_ES03 is affected.
- Version 12.5(1)_SU02_ES01 is affected.
- Version 11.6(2)ES07 is affected.
- Version 11.6(2)ES08 is affected.
- Version 12.5(1)_SU01_ES01 is affected.
- Version 12.0(1)ES04 is affected.
- Version 12.5(1)ES02 is affected.
- Version 12.5(1)ES03 is affected.
- Version 11.6(2)ES06 is affected.
- Version 12.5(1)ES01 is affected.
- Version 12.0(1)ES03 is affected.
- Version 12.0(1)ES01 is affected.
- Version 11.6(2)ES05 is affected.
- Version 12.0(1)ES02 is affected.
- Version 11.6(2)ES04 is affected.
- Version 11.6(2)ES03 is affected.
- Version 11.6(2)ES02 is affected.
- Version 11.6(2)ES01 is affected.
- Version 10.6(1)SU3ES03 is affected.
- Version 11.0(1)SU1ES03 is affected.
- Version 10.6(1)SU3ES01 is affected.
- Version 10.5(1)SU1ES10 is affected.
- Version 10.0(1)SU1ES04 is affected.
- Version 11.5(1)SU1ES03 is affected.
- Version 11.6(1)ES02 is affected.
- Version 11.5(1)ES01 is affected.
- Version 9.0(2)SU3ES04 is affected.
- Version 10.6(1)SU2 is affected.
- Version 10.6(1)SU2ES04 is affected.
- Version 11.6(1)ES01 is affected.
- Version 10.6(1)SU3ES02 is affected.
- Version 11.5(1)SU1ES02 is affected.
- Version 11.5(1)SU1ES01 is affected.
- Version 8.5(1) is affected.
- Version 11.0(1)SU1ES02 is affected.
- Version 12.5(1)_SU03_ES03 is affected.
- Version 12.5(1)_SU03_ES04 is affected.
- Version 12.5(1)_SU03_ES05 is affected.
- Version 12.5(1)_SU03_ES06 is affected.
- Version 11.6(1) is affected.
- Version 10.5(1) is affected.
- Version 11.0(1) is affected.
- Version 11.5(1) is affected.
- Version 12.0(1) is affected.
- Version 12.5(1) is affected.
- Version 11.0(2) is affected.
- Version 12.6(1) is affected.
- Version 12.5(1)SU is affected.
- Version 12.6(1)_ET is affected.
- Version 12.6(1)_ES05_ET is affected.
- Version 11.0(3) is affected.
- Version 12.6(2) is affected.
- Version 12.6(2)_504_Issue_ET is affected.
- Version 12.6.1_ExcelIssue_ET is affected.
- Version 12.6(2)_Permalink_ET is affected.
- Version 12.6.2_CSCwk19536_ET is affected.
- Version 12.6.2_CSCwm96922_ET is affected.
- Version 12.6.2_Amq_OOS_ET is affected.
- Version 12.5(2)ET_CSCwi79933 is affected.
- Version 12.6(2)_ET is affected.
- Version 12.6.2_CSCwn48501_ET is affected.
- Version 12.5(1) is affected.
- Version 12.5(1)SU1 is affected.
- Version 12.5(1)SU2 is affected.
- Version 12.5(1)SU3 is affected.
- Version 12.5(1)SU4 is affected.
- Version 14 is affected.
- Version 12.5(1)SU5 is affected.
- Version 14SU1 is affected.
- Version 12.5(1)SU6 is affected.
- Version 14SU2 is affected.
- Version 12.5(1)SU7 is affected.
- Version 14SU3 is affected.
- Version 12.5(1)SU8 is affected.
- Version 14SU3a is affected.
- Version 12.5(1)SU8a is affected.
- Version 15 is affected.
- Version 15SU1 is affected.
- Version 14SU4 is affected.
- Version 12.5(1)SU9 is affected.
- Version 11.0(1) is affected.
- Version 11.6(1)_ES84 is affected.
- Version 11.5(1)_ES54 is affected.
- Version 11.5(1)_ES27 is affected.
- Version 11.5(1) is affected.
- Version 11.5(1)ES36 is affected.
- Version 12.0(1)_ES01 is affected.
- Version 11.6(1)_ES85 is affected.
- Version 12.5(1)_ES05 is affected.
- Version 11.5(1)_ES32 is affected.
- Version 11.6(1)_ES83 is affected.
- Version 11.5(1)_ES29 is affected.
- Version 12.0(1)_ES06 is affected.
- Version 12.5(1) is affected.
- Version 12.0(1)_ES07 is affected.
- Version 11.6(1)_ES80 is affected.
- Version 12.0(1)_ES05 is affected.
- Version 11.5(1)_ES36 is affected.
- Version 11.5(1)_ES53 is affected.
- Version 12.5(1)_ES08 is affected.
- Version 11.5(1)ES43 is affected.
- Version 12.0(1)_ES03 is affected.
- Version 11.6(1)_ES86 is affected.
- Version 12.0(1)_ES04 is affected.
- Version 11.5(1)ES27 is affected.
- Version 12.5(1)_ES03 is affected.
- Version 11.6(1)_ES88 is affected.
- Version 12.5(1)_ES06 is affected.
- Version 11.6(1)_ES82 is affected.
- Version 11.6(1) is affected.
- Version 11.5(1)ES29 is affected.
- Version 12.5(1)_ES04 is affected.
- Version 12.5(1)_ES07 is affected.
- Version 11.6(1)_ES87 is affected.
- Version 11.6(1)_ES81 is affected.
- Version 12.0(1) is affected.
- Version 11.6(1)_ES22 is affected.
- Version 11.5(1)_ES43 is affected.
- Version 11.5(1)ES32 is affected.
- Version 12.0(1)_ES02 is affected.
- Version 12.5(1)_ES02 is affected.
- Version 12.6(1) is affected.
- Version 12.5(1)_ES09 is affected.
- Version 12.6(1)_ES01 is affected.
- Version 12.0(1)_ES08 is affected.
- Version 12.5(1)_ES10 is affected.
- Version 12.6(1)_ES02 is affected.
- Version 12.5(1)_ES11 is affected.
- Version 12.5(1)_ES12 is affected.
- Version 12.6(1)_ES03 is affected.
- Version 12.5(1)_ES13 is affected.
- Version 12.5(1)_ES14 is affected.
- Version 12.6(1)_ES04 is affected.
- Version 12.6(1)_ES05 is affected.
- Version 12.5(1)_ES15 is affected.
- Version 12.6(1)_ES06 is affected.
- Version 12.6(1)_ET is affected.
- Version 12.5(1)_ES16 is affected.
- Version 12.5(1)SU is affected.
- Version 12.5(1)_SU is affected.
- Version 12.5(1)_SU_ES01 is affected.
- Version 12.6(1)_ES07 is affected.
- Version 12.6(2) is affected.
- Version 12.5(1)_ES17 is affected.
- Version 12.6(1)_ES08 is affected.
- Version 12.6(1)_ES09 is affected.
- Version 12.6(1)_ES10 is affected.
- Version 12.5(1)_SU_ES02 is affected.
- Version 12.6(2)_ES01 is affected.
- Version 12.6(2)_ET01 is affected.
- Version 12.5(2)_ET is affected.
- Version 12.6(2)_ES02 is affected.
- Version 12.6(2)_ET_Streaming is affected.
- Version 12.6(2)ET_Transcribe is affected.
- Version 12.6(2)_ES03 is affected.
- Version 12.6(2)ET_NuanceMix is affected.
- Version 12.6(2)ET_FileUpload is affected.
- Version 12.6(2)_ET02 is affected.
- Version 12.6(2)_ES04 is affected.
- Version 12.6.2ET_RTPfallback is affected.
- Version 12.6.2ET_CSCwf55306 is affected.
- Version 12.6.2_ET_CSCwj36712 is affected.
- Version 12.5.2 ET-CSCwj33374 is affected.
- Version 12.5(1) SU ET is affected.
- Version 12.6(2)ET_CSCwj87296 is affected.
- Version 12.6(2)_ES05 is affected.
- Version 12.5.2_ET_CSCvz27014 is affected.
- Version 12.6(2)_ET is affected.
- Version 12.6.2-ET is affected.
- Version 12.6(2)ET_CSCwk83135 is affected.
- Version 12.6.2_ET_CX_ALAW is affected.
- Version 12.6.2-ET01-SSL is affected.
- Version 12.6(2)_ES06 is affected.
Exploit Probability
EPSS
0.02%
Percentile
3.86%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.