5.1
CVE-2025-20112
- EPSS 0.02%
- Published 21.05.2025 16:19:24
- Last modified 21.05.2025 20:24:58
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorCisco
≫
Product
Cisco Emergency Responder
Default Statusunknown
Version
12.5(1a)
Status
affected
Version
12.5(1)SU1
Status
affected
Version
12.5(1)
Status
affected
Version
12.5(1)SU2
Status
affected
Version
12.5(1)SU3
Status
affected
Version
12.5(1)SU4
Status
affected
Version
14
Status
affected
Version
12.5(1)SU5
Status
affected
Version
14SU1
Status
affected
Version
12.5(1)SU6
Status
affected
Version
14SU2
Status
affected
Version
12.5(1)SU7
Status
affected
Version
14SU3
Status
affected
Version
12.5(1)SU8
Status
affected
Version
12.5(1)SU8a
Status
affected
Version
12.5(1)SU8b
Status
affected
Version
14SU3a
Status
affected
Version
15
Status
affected
Version
15SU1
Status
affected
Version
15SU1a
Status
affected
Version
14SU4
Status
affected
Version
12.5(1)SU9
Status
affected
VendorCisco
≫
Product
Cisco Finesse
Default Statusunknown
Version
11.0(1)ES_Rollback
Status
affected
Version
10.5(1)ES4
Status
affected
Version
11.6(1)ES3
Status
affected
Version
11.0(1)ES2
Status
affected
Version
12.0(1)ES2
Status
affected
Version
10.5(1)ES3
Status
affected
Version
11.0(1)
Status
affected
Version
11.6(1)FIPS
Status
affected
Version
11.6(1)ES4
Status
affected
Version
11.0(1)ES3
Status
affected
Version
10.5(1)ES6
Status
affected
Version
11.0(1)ES7
Status
affected
Version
11.5(1)ES4
Status
affected
Version
10.5(1)ES8
Status
affected
Version
11.5(1)
Status
affected
Version
11.6(1)
Status
affected
Version
10.5(1)ES10
Status
affected
Version
11.6(1)ES2
Status
affected
Version
11.6(1)ES
Status
affected
Version
11.0(1)ES6
Status
affected
Version
11.0(1)ES4
Status
affected
Version
12.0(1)
Status
affected
Version
11.6(1)ES7
Status
affected
Version
10.5(1)ES7
Status
affected
Version
11.6(1)ES8
Status
affected
Version
11.5(1)ES1
Status
affected
Version
11.6(1)ES1
Status
affected
Version
11.5(1)ES5
Status
affected
Version
11.0(1)ES1
Status
affected
Version
10.5(1)
Status
affected
Version
11.6(1)ES6
Status
affected
Version
10.5(1)ES2
Status
affected
Version
12.0(1)ES1
Status
affected
Version
11.0(1)ES5
Status
affected
Version
10.5(1)ES5
Status
affected
Version
11.5(1)ES3
Status
affected
Version
11.5(1)ES2
Status
affected
Version
10.5(1)ES9
Status
affected
Version
11.6(1)ES5
Status
affected
Version
11.6(1)ES9
Status
affected
Version
11.5(1)ES6
Status
affected
Version
10.5(1)ES1
Status
affected
Version
12.5(1)
Status
affected
Version
12.0(1)ES3
Status
affected
Version
11.6(1)ES10
Status
affected
Version
12.5(1)ES1
Status
affected
Version
12.5(1)ES2
Status
affected
Version
12.0(1)ES4
Status
affected
Version
12.5(1)ES3
Status
affected
Version
12.0(1)ES5
Status
affected
Version
12.5(1)ES4
Status
affected
Version
12.0(1)ES6
Status
affected
Version
12.5(1)ES5
Status
affected
Version
12.5(1)ES6
Status
affected
Version
12.0(1)ES7
Status
affected
Version
12.6(1)
Status
affected
Version
12.5(1)ES7
Status
affected
Version
11.6(1)ES11
Status
affected
Version
12.6(1)ES1
Status
affected
Version
12.0(1)ES8
Status
affected
Version
12.5(1)ES8
Status
affected
Version
12.6(1)ES2
Status
affected
Version
12.6(1)ES3
Status
affected
Version
12.6(1)ES4
Status
affected
Version
12.6(1)ES5
Status
affected
Version
12.5(2)
Status
affected
Version
12.5(1)_SU
Status
affected
Version
12.5(1)SU
Status
affected
Version
12.6(1)ES6
Status
affected
Version
12.5(1)SU ES1
Status
affected
Version
12.6(1)ES7
Status
affected
Version
12.6(1)ES7_ET
Status
affected
Version
12.6(2)
Status
affected
Version
12.6(1)ES8
Status
affected
Version
12.6(1)ES9
Status
affected
Version
12.6(2)ES1
Status
affected
Version
12.6(1)ES10
Status
affected
Version
12.5(1)SU ES2
Status
affected
Version
12.6(1)ES11
Status
affected
Version
12.6(2)ES2
Status
affected
Version
12.6(2)ES3
Status
affected
Version
12.5(1)SU ES3
Status
affected
Version
12.6(2)ES4
Status
affected
Version
12.6(2)ES6
Status
affected
VendorCisco
≫
Product
Cisco Prime Collaboration Deployment
Default Statusunknown
Version
11.5(1)
Status
affected
Version
11.0(1a)
Status
affected
Version
11.5(1)SU1
Status
affected
Version
10.5(3)
Status
affected
Version
12.6(1)
Status
affected
Version
11.0(1)
Status
affected
Version
11.6(2)
Status
affected
Version
12.1(1)
Status
affected
Version
12.0(1a)
Status
affected
Version
11.5(3)
Status
affected
Version
10.5(1)
Status
affected
Version
12.5(1)
Status
affected
Version
11.5(2)
Status
affected
Version
11.6(1)
Status
affected
Version
10.5(2)
Status
affected
Version
10.5(3)SU1
Status
affected
Version
14
Status
affected
Version
14SU1
Status
affected
Version
14SU2
Status
affected
Version
14SU3
Status
affected
Version
15
Status
affected
Version
15SU1
Status
affected
Version
14SU4
Status
affected
VendorCisco
≫
Product
Cisco SocialMiner
Default Statusunknown
Version
12.5(1)ES01
Status
affected
Version
10.5(1)
Status
affected
Version
11.6(1)
Status
affected
Version
10.6(1)
Status
affected
Version
12.0(1)ES04
Status
affected
Version
10.6(2)
Status
affected
Version
12.5(1)
Status
affected
Version
11.6(2)
Status
affected
Version
12.0(1)
Status
affected
Version
12.0(1)ES02
Status
affected
Version
11.0(1)
Status
affected
Version
11.5(1)
Status
affected
Version
11.5(1)SU1
Status
affected
Version
12.0(1)ES03
Status
affected
Version
12.5(1)SU3
Status
affected
Version
12.5(1)SU1
Status
affected
Version
12.5(1)SU2
Status
affected
VendorCisco
≫
Product
Cisco Unified Communications Manager
Default Statusunknown
Version
12.5(1)SU2
Status
affected
Version
12.5(1)SU1
Status
affected
Version
12.5(1)
Status
affected
Version
12.5(1)SU3
Status
affected
Version
12.5(1)SU4
Status
affected
Version
14
Status
affected
Version
12.5(1)SU5
Status
affected
Version
14SU1
Status
affected
Version
12.5(1)SU6
Status
affected
Version
14SU2
Status
affected
Version
12.5(1)SU7
Status
affected
Version
12.5(1)SU7a
Status
affected
Version
14SU3
Status
affected
Version
12.5(1)SU8
Status
affected
Version
12.5(1)SU8a
Status
affected
Version
15
Status
affected
Version
15SU1
Status
affected
Version
14SU4
Status
affected
Version
14SU4a
Status
affected
Version
15SU1a
Status
affected
Version
12.5(1)SU9
Status
affected
VendorCisco
≫
Product
Cisco Unified Communications Manager IM and Presence Service
Default Statusunknown
Version
12.5(1)
Status
affected
Version
12.5(1)SU1
Status
affected
Version
12.5(1)SU2
Status
affected
Version
12.5(1)SU3
Status
affected
Version
12.5(1)SU4
Status
affected
Version
14
Status
affected
Version
12.5(1)SU5
Status
affected
Version
14SU1
Status
affected
Version
12.5(1)SU6
Status
affected
Version
14SU2
Status
affected
Version
14SU2a
Status
affected
Version
12.5(1)SU7
Status
affected
Version
14SU3
Status
affected
Version
12.5(1)SU8
Status
affected
Version
15
Status
affected
Version
15SU1
Status
affected
Version
14SU4
Status
affected
Version
12.5(1)SU9
Status
affected
VendorCisco
≫
Product
Cisco Unified Contact Center Express
Default Statusunknown
Version
10.5(1)SU1
Status
affected
Version
10.6(1)
Status
affected
Version
11.6(1)
Status
affected
Version
10.6(1)SU1
Status
affected
Version
10.6(1)SU3
Status
affected
Version
11.6(2)
Status
affected
Version
12.0(1)
Status
affected
Version
10.0(1)SU1
Status
affected
Version
11.0(1)SU1
Status
affected
Version
11.5(1)SU1
Status
affected
Version
10.5(1)
Status
affected
Version
12.5(1)
Status
affected
Version
12.5(1)SU1
Status
affected
Version
12.5(1)SU2
Status
affected
Version
12.5(1)SU3
Status
affected
Version
12.5(1)_SU03_ES01
Status
affected
Version
12.5(1)_SU03_ES02
Status
affected
Version
12.5(1)_SU02_ES03
Status
affected
Version
12.5(1)_SU02_ES04
Status
affected
Version
12.5(1)_SU02_ES02
Status
affected
Version
12.5(1)_SU01_ES02
Status
affected
Version
12.5(1)_SU01_ES03
Status
affected
Version
12.5(1)_SU02_ES01
Status
affected
Version
11.6(2)ES07
Status
affected
Version
11.6(2)ES08
Status
affected
Version
12.5(1)_SU01_ES01
Status
affected
Version
12.0(1)ES04
Status
affected
Version
12.5(1)ES02
Status
affected
Version
12.5(1)ES03
Status
affected
Version
11.6(2)ES06
Status
affected
Version
12.5(1)ES01
Status
affected
Version
12.0(1)ES03
Status
affected
Version
12.0(1)ES01
Status
affected
Version
11.6(2)ES05
Status
affected
Version
12.0(1)ES02
Status
affected
Version
11.6(2)ES04
Status
affected
Version
11.6(2)ES03
Status
affected
Version
11.6(2)ES02
Status
affected
Version
11.6(2)ES01
Status
affected
Version
10.6(1)SU3ES03
Status
affected
Version
11.0(1)SU1ES03
Status
affected
Version
10.6(1)SU3ES01
Status
affected
Version
10.5(1)SU1ES10
Status
affected
Version
10.0(1)SU1ES04
Status
affected
Version
11.5(1)SU1ES03
Status
affected
Version
11.6(1)ES02
Status
affected
Version
11.5(1)ES01
Status
affected
Version
9.0(2)SU3ES04
Status
affected
Version
10.6(1)SU2
Status
affected
Version
10.6(1)SU2ES04
Status
affected
Version
11.6(1)ES01
Status
affected
Version
10.6(1)SU3ES02
Status
affected
Version
11.5(1)SU1ES02
Status
affected
Version
11.5(1)SU1ES01
Status
affected
Version
8.5(1)SU4ES09
Status
affected
Version
8.5(1)
Status
affected
Version
11.0(1)SU1ES02
Status
affected
Version
12.5(1)_SU03_ES03
Status
affected
Version
12.5(1)_SU03_ES04
Status
affected
Version
12.5(1)_SU03_ES05
Status
affected
Version
12.5(1)_SU03_ES06
Status
affected
VendorCisco
≫
Product
Cisco Unified Intelligence Center
Default Statusunknown
Version
11.6(1)
Status
affected
Version
10.5(1)
Status
affected
Version
11.0(1)
Status
affected
Version
11.5(1)
Status
affected
Version
12.0(1)
Status
affected
Version
12.5(1)
Status
affected
Version
11.0(2)
Status
affected
Version
12.6(1)
Status
affected
Version
12.5(1)SU
Status
affected
Version
12.6(1)_ET
Status
affected
Version
12.6(1)_ES05_ET
Status
affected
Version
11.0(3)
Status
affected
Version
12.6(2)
Status
affected
Version
12.6(2)_504_Issue_ET
Status
affected
Version
12.6.1_ExcelIssue_ET
Status
affected
Version
12.6(2)_Permalink_ET
Status
affected
Version
12.6.2_CSCwk19536_ET
Status
affected
Version
12.6.2_CSCwm96922_ET
Status
affected
Version
12.6.2_Amq_OOS_ET
Status
affected
Version
12.5(2)ET_CSCwi79933
Status
affected
Version
12.6(2)_ET
Status
affected
Version
12.6.2_CSCwn48501_ET
Status
affected
VendorCisco
≫
Product
Cisco Unity Connection
Default Statusunknown
Version
12.5(1)
Status
affected
Version
12.5(1)SU1
Status
affected
Version
12.5(1)SU2
Status
affected
Version
12.5(1)SU3
Status
affected
Version
12.5(1)SU4
Status
affected
Version
14
Status
affected
Version
12.5(1)SU5
Status
affected
Version
14SU1
Status
affected
Version
12.5(1)SU6
Status
affected
Version
14SU2
Status
affected
Version
12.5(1)SU7
Status
affected
Version
14SU3
Status
affected
Version
12.5(1)SU8
Status
affected
Version
14SU3a
Status
affected
Version
12.5(1)SU8a
Status
affected
Version
15
Status
affected
Version
15SU1
Status
affected
Version
14SU4
Status
affected
Version
12.5(1)SU9
Status
affected
VendorCisco
≫
Product
Cisco Virtualized Voice Browser
Default Statusunknown
Version
11.0(1)
Status
affected
Version
11.6(1)_ES84
Status
affected
Version
11.5(1)_ES54
Status
affected
Version
11.5(1)_ES27
Status
affected
Version
11.5(1)
Status
affected
Version
11.5(1)ES36
Status
affected
Version
12.0(1)_ES01
Status
affected
Version
11.6(1)_ES85
Status
affected
Version
12.5(1)_ES05
Status
affected
Version
11.5(1)_ES32
Status
affected
Version
11.6(1)_ES83
Status
affected
Version
11.5(1)_ES29
Status
affected
Version
12.0(1)_ES06
Status
affected
Version
12.5(1)
Status
affected
Version
12.0(1)_ES07
Status
affected
Version
11.6(1)_ES80
Status
affected
Version
12.0(1)_ES05
Status
affected
Version
11.5(1)_ES36
Status
affected
Version
11.5(1)_ES53
Status
affected
Version
12.5(1)_ES08
Status
affected
Version
11.5(1)ES43
Status
affected
Version
12.0(1)_ES03
Status
affected
Version
11.6(1)_ES86
Status
affected
Version
12.0(1)_ES04
Status
affected
Version
11.5(1)ES27
Status
affected
Version
12.5(1)_ES03
Status
affected
Version
11.6(1)_ES88
Status
affected
Version
12.5(1)_ES06
Status
affected
Version
11.6(1)_ES82
Status
affected
Version
11.6(1)
Status
affected
Version
11.5(1)ES29
Status
affected
Version
12.5(1)_ES04
Status
affected
Version
12.5(1)_ES07
Status
affected
Version
11.6(1)_ES87
Status
affected
Version
11.6(1)_ES81
Status
affected
Version
12.0(1)
Status
affected
Version
11.6(1)_ES22
Status
affected
Version
11.5(1)_ES43
Status
affected
Version
11.5(1)ES32
Status
affected
Version
12.0(1)_ES02
Status
affected
Version
12.5(1)_ES02
Status
affected
Version
12.6(1)
Status
affected
Version
12.5(1)_ES09
Status
affected
Version
12.6(1)_ES01
Status
affected
Version
12.0(1)_ES08
Status
affected
Version
12.5(1)_ES10
Status
affected
Version
12.6(1)_ES02
Status
affected
Version
12.5(1)_ES11
Status
affected
Version
12.5(1)_ES12
Status
affected
Version
12.6(1)_ES03
Status
affected
Version
12.5(1)_ES13
Status
affected
Version
12.5(1)_ES14
Status
affected
Version
12.6(1)_ES04
Status
affected
Version
12.6(1)_ES05
Status
affected
Version
12.5(1)_ES15
Status
affected
Version
12.6(1)_ES06
Status
affected
Version
12.6(1)_ET
Status
affected
Version
12.5(1)_ES16
Status
affected
Version
12.5(1)SU
Status
affected
Version
12.5(1)_SU
Status
affected
Version
12.5(1)_SU_ES01
Status
affected
Version
12.6(1)_ES07
Status
affected
Version
12.6(2)
Status
affected
Version
12.5(1)_ES17
Status
affected
Version
12.6(1)_ES08
Status
affected
Version
12.6(1)_ES09
Status
affected
Version
12.6(1)_ES10
Status
affected
Version
12.5(1)_SU_ES02
Status
affected
Version
12.6(2)_ES01
Status
affected
Version
12.6(2)_ET01
Status
affected
Version
12.5(2)_ET
Status
affected
Version
12.6(2)_ES02
Status
affected
Version
12.6(2)_ET_Streaming
Status
affected
Version
12.6(2)ET_Transcribe
Status
affected
Version
12.6(2)_ES03
Status
affected
Version
12.6(2)ET_NuanceMix
Status
affected
Version
12.6(2)ET_FileUpload
Status
affected
Version
12.6(2)_ET02
Status
affected
Version
12.6(2)_ES04
Status
affected
Version
12.6.2ET_RTPfallback
Status
affected
Version
12.6.2ET_CSCwf55306
Status
affected
Version
12.6.2_ET_CSCwj36712
Status
affected
Version
12.5.2 ET-CSCwj33374
Status
affected
Version
12.5(1) SU ET
Status
affected
Version
12.6(2)ET_CSCwj87296
Status
affected
Version
12.6(2)_ES05
Status
affected
Version
12.5.2_ET_CSCvz27014
Status
affected
Version
12.6(2)_ET
Status
affected
Version
12.6.2-ET
Status
affected
Version
12.6(2)ET_CSCwk83135
Status
affected
Version
12.6.2_ET_CX_ALAW
Status
affected
Version
12.6.2-ET01-SSL
Status
affected
Version
12.6(2)_ES06
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.028 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| psirt@cisco.com | 5.1 | 0.8 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
|
CWE-268 Privilege Chaining
Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.