Skip to content

Ssh20cisco125 Vulnerability Exclusive

On , Cisco released an advisory detailing a maximum severity vulnerability (CVE-2025-20309) in Cisco Unified Communications Manager (CUCM) and Unified Communications Manager SME. The vulnerability stems from hard-coded root SSH credentials that cannot be changed or removed by the administrator.

: If certain features are not required, disable them. For example, disable password authentication if you're using key-based authentication. ssh20cisco125 vulnerability exclusive