Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, today announced the discovery of two previously unknown zero-day vulnerabilities in widely used enterprise products: Cisco Unified Contact Center Express (UCCX) and IBM Sterling. The vulnerabilities were identified by Group-IB’s adversary-centric intelligence during a client assessment, demonstrating the depth of the company’s proactive defense threat-intelligence-driven cybersecurity capabilities and its ongoing commitment to responsible research.
While many security assessments focus on identifying known CVEs (common vulnerabilities and exposures) and publicly documented weaknesses, Group-IB’s Red Team follows the same methodology as real-world adversaries, leveraging deep empirical threat intelligence to replicate highly advanced attacks. This approach involves examining software at the architectural and code level with the precision required to uncover never-before-seen vulnerabilities, a level of analysis critical to understanding how sophisticated threat actors infiltrate enterprise environments.
Cisco Unified Contact Center Express (UCCX) is Cisco’s widely used platform for managing enterprise contact centers, providing automated call distribution, interactive voice response (IVR), and customer-service workflows for organizations across banking, telecommunications, government, and other sectors. IBM Sterling is a suite of supply-chain and B2B integration solutions used by enterprises globally to support secure data exchange, logistics, operations, order management, and partner connectivity.
The discovered vulnerabilities include:
- CVE-2025-20374, Cisco UCCX
- CVE-2025-36135, IBM Sterling
Both vulnerabilities were responsibly disclosed to Cisco and IBM by Group-IB’s researchers. After reviewing the reports, both vendors confirmed the issues and released security patches to protect their customers.
“Enterprise software often contains zero-day vulnerabilities and deep-seated misconfigurations, particularly in systems deployed far within corporate infrastructures or in products that researchers have limited access to. Unfortunately, many of these vulnerabilities don’t receive a CVE (Common Vulnerabilities and Exposures) identifier due to inconsistent disclosure practices – including cases where vendors silently patch flaws. This lack of transparency can ultimately weaken the security posture of those organizations’ customers and the wider ecosystem. Group-IB thanks Cisco and IBM for their collaboration and commends their exemplary and responsible engagement by working with our team to ensure full and transparent CVE publication.”
Global Head of Red Teaming Practice, Group-IB
Zero-day vulnerabilities remain one of the most valuable tools for advanced cybercriminals and nation-state threat actors. By identifying and reporting them responsibly, Group-IB helps reduce systemic risk across critical industries that rely on platforms like Cisco UCCX and IBM Sterling for communications, logistics, and operational continuity.
Group-IB maintains highly specialized incident response and digital forensics capabilities designed for the most complex, high-severity cyber incidents. Recognized by international advisory and analyst agencies for its technical depth, Group-IB’s elite responders are trusted to handle intrusions involving advanced threat actors and sophisticated attack techniques. Supported by adversary-centric threat intelligence and continuous monitoring from CERT-GIB, the company delivers fast, precise, and intelligence-driven response operations that help organizations contain and recover from their most critical threats.
Group-IB customers can find out more about how Group-IB discovered two previously unknown zero-day vulnerabilities in widely used enterprise products: Cisco Unified Contact Center Express (UCCX) and IBM Sterling on its Threat Intelligence platform here.
