Forum: Too Lazy BBS

Cisco warns that Unified CM has hardcoded root SSH credentials

From BleepingComputer to All on Wed Jul 2 13:31:00 2025

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. [...]

https://www.bleepingcomputer.com/news/security/cisco-removes-unified-cm-callManager-backdoor-root-account/