The CVE-2020-3280 vulnerability is a remote code execution issue that resides in the Java remote management interface for Unified CCE.
“A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.” reads the security advisory published by Cisco.
“The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system.”
An unauthenticated, remote attacker could exploit the issue to execute arbitrary code as the root user on a vulnerable device.
The issue could be exploited by supplying a malformed Java object to a specific listener on an vulnerable system
Administrators should update their Unified CCE installs as soon as possible.
The good news is that Cisco is not aware of attacks in the wild that exploited the flaw.
(SecurityAffairs – Unified CCE, hacking)