How severe is CVE-2025-20112?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.1 out of 10.

What type of vulnerability is CVE-2025-20112?

This is classified as CWE-268, which is a common weakness in software security.

CVE-2025-20112 - MEDIUM Severity | CVSS 5.1

Vulnerability Description

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor.

Related Vulnerabilities

CVE-2022-1003

MEDIUM

CVSS:4.9(Medium)

One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions, which allows the system administrators to combine the two distinct privileges/capabilities in a way th...

CWE-2682022

CVE-2023-20194

MEDIUM

CVSS:4.9(Medium)

A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerabilit...

CWE-2682023

CVE-2023-0759

MEDIUM

CVSS:5.3(Medium)

Privilege Chaining in GitHub repository cockpit-hq/cockpit prior to 2.3.8.

CWE-2682023

CVE-2019-3844

MEDIUM

CVSS:4.5(Medium)

It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transie...

CWE-2682019

CVE-2025-32955

MEDIUM

CVSS:6.0(Medium)

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to `disable-sudo` bypass. Harden-Runner includes a polic...

CWE-2682025

CVE-2024-1250

MEDIUM

CVSS:6.5(Medium)

An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able to...

CWE-2682024