<ul data-eligibleForWebStory="false"><li>Cisco has discovered hardcoded login credentials with root access in its Unified Communications Manager, requiring immediate patching.</li><li>The security flaw, tracked as CVE-2025-20309 with a severity score of 10/10, affects different releases of the Unified CM software.</li><li>Affected versions, ranging from 15.0.1.13010-1 to 15.0.1.13017-1, have no workarounds, and the only solution is to upgrade to version 15SU3 released in July 2025.</li><li>No evidence of abuse has been reported, and hardcoded credentials represent a common cause of system infiltrations in software applications.</li></ul>

Cisco warns of a serious security flaw in comms platform - and that it needs patching immediately

Discover more