First published: Wed Oct 26 2022(Updated: )
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco TelePresence Collaboration Endpoint | <10.20.1 | |
Cisco RoomOS | <10.20.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerabilities in Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software include path traversal attacks, viewing sensitive data, and writing arbitrary files on an affected device.
The severity of CVE-2022-20776 is medium with a CVSS score of 6.7.
An attacker can exploit CVE-2022-20776 by conducting path traversal attacks, viewing sensitive data, or writing arbitrary files on an affected device.
Yes, Cisco has released updates to address the vulnerabilities in Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software. It is recommended to update to the latest version.
You can find more information about CVE-2022-20776 in the Cisco Security Advisory at [https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-trav-beFvCcyu](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-trav-beFvCcyu).