CVE-2025-20113
HIGHDescription
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system. This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system.
Is your site exposed to CVE-2025-20113?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_intelligence_center |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
| cisco | unified_contact_center_express |
References
Frequently Asked Questions
What is CVE-2025-20113? +
How severe is CVE-2025-20113? +
What products are affected by CVE-2025-20113? +
How do I check if I'm vulnerable to CVE-2025-20113? +
Related Vulnerabilities
The Vitogate 300 web interface fails to enforce proper server-side authentication and relies on frontend-based authentication controls. This allows an …
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A …
Data Space Portal is an open-source Software as a Service (SaaS) solution designed to streamline Dataspace management. From version 2.1.1 …
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), …
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), …
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), …