CVE-2025-20308
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-02

Last updated on: 2025-07-23

Assigner: Cisco Systems, Inc.

Description
A vulnerability in Cisco Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient restrictions during the execution of specific CLI commands. An attacker could exploit this vulnerability by logging in to the Cisco Spaces Connector CLI as the spacesadmin user and executing a specific command with crafted parameters. A successful exploit could allow the attacker to elevate privileges from the spacesadmin user and execute arbitrary commands on the underlying operating system as root.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-02
Last Modified
2025-07-23
Generated
2026-05-07
AI Q&A
2025-07-02
EPSS Evaluated
2026-05-05
NVD
CVE-2025-20308
EUVD
EUVD-2025-19738
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
cisco spaces_connector 3.0
cisco spaces_connector 3.0
cisco spaces_connector 3.0
cisco spaces_connector 3.0
cisco spaces_connector 3.0
cisco spaces_connector 3.0
cisco spaces_connector 3.0
cisco spaces_connector 3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in Cisco Spaces Connector allows an authenticated local attacker logged in as the spacesadmin user to execute specific CLI commands with crafted parameters that escalate their privileges to root on the underlying operating system. It is caused by insufficient restrictions during the execution of certain CLI commands, enabling arbitrary command execution with root privileges. [1]


How can this vulnerability impact me? :

An attacker exploiting this vulnerability can elevate their privileges from the spacesadmin user to root, allowing them to execute arbitrary commands on the underlying operating system with full control. This could lead to unauthorized system modifications, data compromise, or disruption of services on affected Cisco Spaces Connector devices. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection involves verifying if Cisco Spaces Connector devices are running vulnerable versions prior to the fixed release Connector 3-Jun 2025. Since the vulnerability requires authenticated local access as the spacesadmin user and involves execution of crafted CLI commands, monitoring for unusual CLI command usage by the spacesadmin user may help. However, no specific detection commands or signatures are provided. It is recommended to check the software version on the device to confirm if it is vulnerable. [1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade Cisco Spaces Connector to the fixed software version Connector 3-Jun 2025 or later. There are no available workarounds. Additionally, restrict access to the spacesadmin user account to trusted personnel only and monitor CLI usage closely until the upgrade is applied. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart