CVE-2024-20253 Remote Code Execution Vulnerability in Cisco Unified Communications Suite

Summary

On January 24, Cisco released a security bulletin and disclosed CVE-2024-20253 to the public. This new vulnerability affects the Cisco Unified Communications Suite. Although there is no public news of exploits in the wild, Cisco has released a patch and mitigation instructions. Cerium advises patching your on-premises Cisco UC appliances and applications as soon as possible. We stand ready to assist any of our clients.

Details

On January 24, Cisco published a security advisory on six products in the Unified Communications suite:

  • Unified Communications Manager
  • Unified Communications Manager IM & Presence Service
  • Unified Communications Manager Session Manager
  • Unified Communications Express
  • Unity Connection
  • Virtualized Voice Browser

When exploited, the reported vulnerability allows an attacker to run commands remotely on the Cisco device with the same privilege as the web services running on the server. An attacker can exploit any open port, which puts internet-exposed servers at risk. (Cisco Security Advisory, 2024)

According to AttackerKB, there are no reported exploits for this CVE in the wild. (AttackerKB.com, 2024) However, this may unexpectedly change. In cybersecurity, we call the time between discovering a vulnerability and exploiting that bug the weaponization phase. In recent years, this weaponization phase has shortened to an average of seven days. (Mean Time to Hardening: The Next-Gen Security Metric, 2019)

Next Steps

Cisco has issued a patch for these products; we advise anyone using them to update their UCM products as soon as possible. We will contact Cerium clients who use Cisco UCM and have service contracts to schedule a time to patch their UCM devices. Please get in touch with us if you have questions about migrating from on-prem to Cisco’s newer cloud-based offerings.

If you are unsure if this report affects you, Cerium now offers MDR and Vulnerability Management services as part of our Cerium Select Cybersecurity package. We can quickly deploy sensors into your environment and assess your cyber risk. Don’t hesitate to get in touch with us to learn more.
