Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability
A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device.<br><br>
This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted <em>.aef</em> file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it.<br><br>
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br>
This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-editor-rce-ezyYZte8">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-editor-rce-ezyYZte8</a><br><br>
<br/>Security Impact Rating: Medium
<br/>CVE: CVE-2025-20275