Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cisco security patch release for CVE-2025-20354

Security Patch Release
First reported
Last updated
Happening score
H score 34
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released security updates for UCCX and related products, closing a critical root-command execution flaw and other vulnerabilities that could let attackers gain admin or root control on affected systems. The release covers CVE-2025-20354, a CCX Editor authentication-bypass issue, and additional Cisco ISE and contact-center flaws. Cisco told administrators to move to the listed fixed releases as soon as possible.

Related Happenings

Cisco security patch release for CVE-2026-20245

Security Patch Release
H score38 First: 25.06.2026 00:29 Last: 25.06.2026 00:29 Sources 1

About this happening: Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...

Cisco security patch release for CVE-2026-20262

Security Patch Release
H score47 First: 15.06.2026 20:12 Last: 15.06.2026 20:12 Sources 1

About this happening: **Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...

Cisco Unified Communications Manager security update for CVE-2026-20230

Security Patch Release
H score56 First: 04.06.2026 14:09 Last: 04.06.2026 14:09 Sources 1

About this happening: Cisco released **security updates** for **Cisco Unified Communications Manager (Unified CM)** to fix **CVE-2026-20230**, a **critical** flaw that could let a remote attacker reach...

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
H score55 First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Cisco ThousandEyes and Nexus security patches

Security Patch Release
H score31 First: 21.05.2026 15:04 Last: 21.05.2026 15:04 Sources 1

About this happening: Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...

Timeline

  1. 06.11.2025 15:31 2 articles · 8mo ago

    Cisco patches critical UCCX CVE-2025-20354

    Mitigation Patch Update

    Cisco released security updates for Cisco Unified Contact Center Express (UCCX) to fix CVE-2025-20354, a critical Java Remote Method Invocation (RMI) flaw that could let unauthenticated attackers upload a crafted file, execute arbitrary commands, and elevate privileges to root on affected systems; Cisco advised administrators to upgrade to the fixed releases and said PSIRT had found no evidence of public exploit code or in-the-wild exploitation.

    Show sources
  2. 06.11.2025 15:31 1 articles · 8mo ago

    Cisco patches CCX Editor authentication bypass

    Mitigation Patch Update

    Cisco patched a critical security flaw in the Contact Center Express (CCX) Editor application of Cisco UCCX that could let unauthenticated attackers bypass authentication, redirect the auth flow to a malicious server, and create and execute arbitrary scripts with admin permissions; Cisco also directed administrators to move to the fixed UCCX releases.

    Show sources