Cisco’s Unified Contact Center Express (Unified CCX) has a critical cyber security vulnerability. Brenden Meeder of Booz Allen Hamilton discovered the flaw, that could led a remote attacker without credentials to install malware on the targeted device. Install the patch now!

Cisco’s Unified Contact Center Express (Unified CCX) has a critical cyber security vulnerability. It has been discovered by Brenden Meeder of Booz Allen Hamilton. The developer confirmed it and released a patch to solve the issue. The flaw, in fact, could allow a remote attacker without credentials to install malware on the targeted device. According the company, the vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could use it by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user on an affected device. So, it’s imperative to update urgently the software.