CVE-2025-20274
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-07-22
Assigner: Cisco Systems, Inc.
Description
Description
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device.
This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by uploading arbitrary files to an affected device. A successful exploit could allow the attacker to store malicious files on the system and execute arbitrary commands on the operating system. The Security Impact Rating (SIR) of this advisory has been raised to High because an attacker could elevate privileges to root. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Report Designer.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | unified_intelligence_center | 10.5\(1\) |
| cisco | unified_intelligence_center | 11.0\(1\) |
| cisco | unified_intelligence_center | 11.0\(2\) |
| cisco | unified_intelligence_center | 11.0\(3\) |
| cisco | unified_intelligence_center | 11.5\(1\) |
| cisco | unified_intelligence_center | 11.6\(1\) |
| cisco | unified_intelligence_center | 12.0\(1\) |
| cisco | unified_intelligence_center | 12.5\(1\) |
| cisco | unified_intelligence_center | 12.5\(1\)su |
| cisco | unified_intelligence_center | 12.6\(1\) |
| cisco | unified_intelligence_center | 12.6\(1\)_es05_et |
| cisco | unified_intelligence_center | 12.6\(1\)_et |
| cisco | unified_intelligence_center | 12.6\(2\) |
| cisco | unified_contact_center_express | 10.5\(1\) |
| cisco | unified_contact_center_express | 10.5\(1\)su1 |
| cisco | unified_contact_center_express | 10.5\(1\)su1es10 |
| cisco | unified_contact_center_express | 10.6\(1\) |
| cisco | unified_contact_center_express | 10.6\(1\)su1 |
| cisco | unified_contact_center_express | 10.6\(1\)su2 |
| cisco | unified_contact_center_express | 10.6\(1\)su2es04 |
| cisco | unified_contact_center_express | 10.6\(1\)su3 |
| cisco | unified_contact_center_express | 10.6\(1\)su3es01 |
| cisco | unified_contact_center_express | 10.6\(1\)su3es02 |
| cisco | unified_contact_center_express | 10.6\(1\)su3es03 |
| cisco | unified_contact_center_express | 11.0\(1\)su1 |
| cisco | unified_contact_center_express | 11.0\(1\)su1es02 |
| cisco | unified_contact_center_express | 11.0\(1\)su1es03 |
| cisco | unified_contact_center_express | 11.5\(1\)es01 |
| cisco | unified_contact_center_express | 11.5\(1\)su1 |
| cisco | unified_contact_center_express | 11.5\(1\)su1es01 |
| cisco | unified_contact_center_express | 11.5\(1\)su1es02 |
| cisco | unified_contact_center_express | 11.5\(1\)su1es03 |
| cisco | unified_contact_center_express | 11.6\(1\) |
| cisco | unified_contact_center_express | 11.6\(1\)es01 |
| cisco | unified_contact_center_express | 11.6\(1\)es02 |
| cisco | unified_contact_center_express | 11.6\(2\) |
| cisco | unified_contact_center_express | 11.6\(2\)es01 |
| cisco | unified_contact_center_express | 11.6\(2\)es02 |
| cisco | unified_contact_center_express | 11.6\(2\)es03 |
| cisco | unified_contact_center_express | 11.6\(2\)es04 |
| cisco | unified_contact_center_express | 11.6\(2\)es05 |
| cisco | unified_contact_center_express | 11.6\(2\)es06 |
| cisco | unified_contact_center_express | 11.6\(2\)es07 |
| cisco | unified_contact_center_express | 11.6\(2\)es08 |
| cisco | unified_contact_center_express | 12.0\(1\) |
| cisco | unified_contact_center_express | 12.0\(1\)es01 |
| cisco | unified_contact_center_express | 12.0\(1\)es02 |
| cisco | unified_contact_center_express | 12.0\(1\)es03 |
| cisco | unified_contact_center_express | 12.0\(1\)es04 |
| cisco | unified_contact_center_express | 12.5\(1\) |
| cisco | unified_contact_center_express | 12.5\(1\)_su01_es01 |
| cisco | unified_contact_center_express | 12.5\(1\)_su01_es02 |
| cisco | unified_contact_center_express | 12.5\(1\)_su01_es03 |
| cisco | unified_contact_center_express | 12.5\(1\)_su02_es01 |
| cisco | unified_contact_center_express | 12.5\(1\)_su02_es02 |
| cisco | unified_contact_center_express | 12.5\(1\)_su02_es03 |
| cisco | unified_contact_center_express | 12.5\(1\)_su02_es04 |
| cisco | unified_contact_center_express | 12.5\(1\)_su03_es01 |
| cisco | unified_contact_center_express | 12.5\(1\)_su03_es02 |
| cisco | unified_contact_center_express | 12.5\(1\)_su03_es03 |
| cisco | unified_contact_center_express | 12.5\(1\)_su03_es04 |
| cisco | unified_contact_center_express | 12.5\(1\)_su03_es05 |
| cisco | unified_contact_center_express | 12.5\(1\)_su03_es06 |
| cisco | unified_contact_center_express | 12.5\(1\)es01 |
| cisco | unified_contact_center_express | 12.5\(1\)es02 |
| cisco | unified_contact_center_express | 12.5\(1\)es03 |
| cisco | unified_contact_center_express | 12.5\(1\)su1 |
| cisco | unified_contact_center_express | 12.5\(1\)su2 |
| cisco | unified_contact_center_express | 12.5\(1\)su3 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the web-based management interface of Cisco Unified Intelligence Center. It allows an authenticated remote attacker, who has valid credentials with at least the Report Designer role, to upload arbitrary files due to improper validation of uploaded files. This can lead to storing malicious files on the system and executing arbitrary commands on the operating system, potentially elevating privileges to root.
How can this vulnerability impact me? :
The impact of this vulnerability includes the possibility for an attacker to execute arbitrary commands on the affected system with elevated privileges, potentially gaining root access. This could lead to unauthorized control over the system, data compromise, disruption of services, and further exploitation within the network.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70