A significant security update has been released addressing a critical vulnerability in Cisco Unified Communications Manager (CUCM). The issue involved a hardcoded, unchangeable account that was present in certain deployments. This account represented a potential backdoor, posing a serious security risk by potentially allowing unauthorized access to the communication system.
Cisco has taken prompt action to eliminate this vulnerability. Software updates are now available that remove or properly secure this account. Users running affected versions of CUCM are strongly advised to install the latest patches without delay.
Applying these essential security updates is paramount for protecting your voice and video communication infrastructure and ensuring the overall security and integrity of your system. Don’t wait; update now to mitigate the risk and maintain a secure environment.
Source: https://securityaffairs.com/179577/security/cisco-removed-the-backdoor-account-from-its-unified-communications-manager.html
