Cisco Unified CCX is vulnerable to two security vulnerabilities that could allow an unauthenticated, remote attacker to upload arbitrary files, bypass authentication, execute arbitrary commands, and elevate privileges to root. Tracked as CVE-2025-20354 & CVE-2025-20358, both vulnerabilities have critical severity ratings.