"Cisco Warns of Critical Remote Code Execution Bug in Unified Communications Software"
Cisco has released patches to fix a critical security flaw (CVE-2024-20253) affecting Unified Communications and Contact Center Solutions products, allowing remote attackers to execute arbitrary code on vulnerable devices. The flaw, discovered by security researcher Julien Egloff, affects several Cisco products, and there are no workarounds available. Users are urged to apply the patches or set up access control lists to limit access. This disclosure comes after Cisco recently addressed another critical vulnerability in Unity Connection.