GCleaner Malware – Active IOCs
July 3, 2025
Severity
Medium
Analysis Summary
CVE-2025-20307 CVSS:4.8
Cisco BroadWorks Application Delivery Platform is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2025-20308 CVSS:6
Cisco Spaces Connector could allow a local authenticated attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root, caused by insufficient restrictions during the execution of specific CLI commands. By logging in to the Cisco Spaces Connector CLI as the spacesadmin user and executing a specific command with crafted parameters, an attacker could exploit this vulnerability to elevate privileges from the spacesadmin user and execute arbitrary commands on the underlying operating system as root.
CVE-2025-20309 CVSS:10
Cisco Unified Communications Manager contains a default account, caused by the presence of static user credentials for the root account that are reserved for use during development. A remote attacker could exploit this vulnerability to log in to an affected system and execute arbitrary commands as the root user.
CVE-2025-20310 CVSS:6.1
Cisco Enterprise Chat and Email (ECE) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web UI. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
Impact
- Cross-Site Scripting
- Privilege Escalation
- Gain Access
Indicators of Compromise
CVE
- CVE-2025-20307
- CVE-2025-20308
- CVE-2025-20309
- CVE-2025-20310
Affected Vendors
- Cisco
Affected Products
- Cisco BroadWorks
- Cisco DNA Spaces Connector
- Cisco Unified Communications Manager Session Management Edition Engineering Special 15.0.1.13010-1
- Cisco Enterprise Chat and Email 11.6(1)_ES3
- Cisco Enterprise Chat and Email 11.6(1)_ES4
- Cisco Enterprise Chat and Email 12.0(1)_ES6
- Cisco Enterprise Chat and Email 11.6(1)_ES8
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.