Cisco CUIC Flaw Lets Hackers Gain Root Access Remotely

A newly disclosed vulnerability in Cisco’s Unified Intelligence Center enables authenticated users with Report Designer privileges to upload arbitrary files, posing a significant risk to enterprise systems. Tracked as CVE-2025-20274 and rated 6.3 on the CVSS scale, the Cisco CUIC flaw lets hackers exploit weak server-side validation in the management portal to execute malicious files with root-level access.

The vulnerability affects all deployments of CUIC, including Packaged CCE, Unified CCE, and Unified CCX. Cisco CUIC flaw lets hackers bypass file-type checks by crafting payloads that integrate into the system’s file structure. Once uploaded, these files can execute during scheduled tasks, allowing attackers to gain control and potentially exfiltrate sensitive data.

Cisco released patched versions on July 16, 2025, but confirmed no available workarounds. Administrators should upgrade immediately, audit uploads, and restrict Report Designer access to reduce risk.

Read the full article at:

Cisco Unified Intelligence Center Vulnerability Allows Remote Attackers to Upload Arbitrary Files