Skip to content

Cisco CUCM: File Manipulation Enables Privilege Escalation

Bottom line: An unauthenticated file manipulation vulnerability in Cisco CUCM allows attackers to gain root privileges and take control of the communications infrastructure.

A vulnerability in Cisco Unified Communications Manager (CUCM) allows remote attackers to manipulate files and gain root privileges. The security flaw requires no authentication and affects the central communications infrastructure of enterprises.

Cisco Unified Communications Manager is a widely used platform for telephony and unified communications in enterprise environments. The identified vulnerability allows a remote attacker without authentication to manipulate files on the CUCM system.

Through file manipulation, escalation to root privileges is possible, which would give an attacker complete control over the system. This endangers not only the availability of the communications infrastructure but also all user and organizational data processed and stored on it.

CISOs should immediately check which CUCM versions are in use in their infrastructure and inform themselves about available patches from Cisco. In the meantime, it is recommended to restrict network access to CUCM systems and increase monitoring for suspicious file access.


Source: wid.cert-bund.de · Published 5 June 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.4.

Share on: