Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0890
Vulnerability from certfr_avis - Published: 2026-07-16 - Updated: 2026-07-16
De multiples vulnérabilités ont été découvertes dans Cisco RoomOS. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "RoomOS versions 26 ant\u00e9rieures \u00e0 26.5.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "RoomOS versions 11 ant\u00e9rieures \u00e0 11.32.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-20157",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20157"
},
{
"name": "CVE-2026-20153",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20153"
},
{
"name": "CVE-2026-20156",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20156"
},
{
"name": "CVE-2026-20158",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20158"
},
{
"name": "CVE-2026-20150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20150"
},
{
"name": "CVE-2026-20187",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20187"
}
],
"initial_release_date": "2026-07-16T00:00:00",
"last_revision_date": "2026-07-16T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0890",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco RoomOS. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco RoomOS",
"vendor_advisories": [
{
"published_at": "2026-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-hardening-roomos-AqNMbEq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq"
}
]
}
CVE-2026-20150 (GCVE-0-2026-20150)
Vulnerability from cvelistv5 – Published: 2026-07-15 16:17 – Updated: 2026-07-15 18:46
VLAI
EPSS
VEX
Title
Cisco RoomOS Security Hardening Release - Access Control Vulnerabilities
Summary
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20150 are related to improper access control that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-284.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco RoomOS Software |
Affected:
RoomOS 10.11.2.2
Affected: RoomOS 10.15.2.2 Affected: RoomOS 11.5.4.6 Affected: RoomOS 11.5.2.4 Affected: RoomOS 10.8.2.5 Affected: RoomOS 10.11.5.2 Affected: RoomOS 10.11.3.0 Affected: RoomOS 10.15.5.3 Affected: RoomOS 10.19.2.2 Affected: RoomOS 11.1.3.1 Affected: RoomOS 10.11.6.0 Affected: RoomOS 10.19.3.0 Affected: RoomOS 10.19.4.2 Affected: RoomOS 10.3.2.4 Affected: RoomOS 10.3.4.0 Affected: RoomOS 10.15.3.0 Affected: RoomOS 11.1.4.1 Affected: RoomOS 11.14.2.3 Affected: RoomOS 11.1.2.4 Affected: RoomOS 10.8.3.1 Affected: RoomOS 11.14.2.1 Affected: RoomOS 10.3.3.0 Affected: RoomOS 10.8.4.0 Affected: RoomOS 10.15.4.1 Affected: RoomOS 10.19.5.6 Affected: RoomOS 10.11.4.1 Affected: RoomOS 11.9.3.1 Affected: RoomOS 11.5.3.3 Affected: RoomOS 10.3.2.0 Affected: RoomOS 11.9.2.4 Affected: RoomOS 11.14.3.0 Affected: RoomOS 11.17.2.2 Affected: RoomOS 11.14.4.0 Affected: RoomOS 10.19 StepUpg Affected: RoomOS 11.17.3.0 Affected: RoomOS 11.20.2.3 Affected: RoomOS 11.14.5.0 Affected: RoomOS 11.17.4.0 Affected: RoomOS 11.20.3.0 Affected: RoomOS 11.23.1.6 Affected: RoomOS 11.23.1.8 Affected: RoomOS 11.24.1.5 Affected: RoomOS 11.24.2.4 Affected: RoomOS 11.24.3.0 Affected: RoomOS 11.24.4.1 Affected: RoomOS 11.27.2.0 Affected: RoomOS 11.28.1.3 Affected: RoomOS 11.27.3.0 Affected: RoomOS 11.31.1.5 Affected: RoomOS 11.27.4.0 Affected: RoomOS 11.32.2.1 Affected: RoomOS 11.33.1.7 Affected: RoomOS 26.0.1.2 Affected: RoomOS 11.34.1.2 Affected: RoomOS 11.32.3.0 Affected: RoomOS 11.27.5.0 Affected: RoomOS 11.32.4.0 Affected: RoomOS 26.1.1.5 Affected: RoomOS 11.35.1.2 Affected: RoomOS 26.2.2.2 Affected: RoomOS 11.32.5.1 Affected: RoomOS 26.4.1.6 Affected: RoomOS 26.4.1.4 Affected: RoomOS 26.3.1.3 Affected: RoomOS 11.36.1.1 Affected: RoomOS 11.37.1.0 Affected: RoomOS 26.5.2.0 Affected: RoomOS 11.38.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T18:46:22.944748Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T18:46:29.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco RoomOS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "RoomOS 10.11.2.2"
},
{
"status": "affected",
"version": "RoomOS 10.15.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.5.4.6"
},
{
"status": "affected",
"version": "RoomOS 11.5.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.2.5"
},
{
"status": "affected",
"version": "RoomOS 10.11.5.2"
},
{
"status": "affected",
"version": "RoomOS 10.11.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.5.3"
},
{
"status": "affected",
"version": "RoomOS 10.19.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.1.3.1"
},
{
"status": "affected",
"version": "RoomOS 10.11.6.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.4.2"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.3.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.1.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.1.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.1"
},
{
"status": "affected",
"version": "RoomOS 10.3.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.8.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.4.1"
},
{
"status": "affected",
"version": "RoomOS 10.19.5.6"
},
{
"status": "affected",
"version": "RoomOS 10.11.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.9.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.5.3.3"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.9.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.14.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.14.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.19 StepUpg"
},
{
"status": "affected",
"version": "RoomOS 11.17.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.14.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.6"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.8"
},
{
"status": "affected",
"version": "RoomOS 11.24.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.24.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.24.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.24.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.27.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.28.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.27.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.31.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.27.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.2.1"
},
{
"status": "affected",
"version": "RoomOS 11.33.1.7"
},
{
"status": "affected",
"version": "RoomOS 26.0.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.34.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.27.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.4.0"
},
{
"status": "affected",
"version": "RoomOS 26.1.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.35.1.2"
},
{
"status": "affected",
"version": "RoomOS 26.2.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.5.1"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.6"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.4"
},
{
"status": "affected",
"version": "RoomOS 26.3.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.36.1.1"
},
{
"status": "affected",
"version": "RoomOS 11.37.1.0"
},
{
"status": "affected",
"version": "RoomOS 26.5.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.38.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "As part of Cisco\u0027s ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.\r\n\r\nThe vulnerabilities tracked by CVE-2026-20150 are related to improper access control\u0026nbsp;that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-284."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T16:17:00.370Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-hardening-roomos-AqNMbEq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq"
}
],
"source": {
"advisory": "cisco-sa-hardening-roomos-AqNMbEq",
"defects": [
"CSCwu54714"
],
"discovery": "INTERNAL"
},
"title": "Cisco RoomOS Security Hardening Release - Access Control Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20150",
"datePublished": "2026-07-15T16:17:00.370Z",
"dateReserved": "2025-10-08T11:59:15.385Z",
"dateUpdated": "2026-07-15T18:46:29.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20153 (GCVE-0-2026-20153)
Vulnerability from cvelistv5 – Published: 2026-07-15 16:18 – Updated: 2026-07-15 18:06
VLAI
EPSS
VEX
Title
Cisco RoomOS Security Hardening Release - Input Validation Vulnerabilities
Summary
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20153 are related to improper input validation that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-20.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco RoomOS Software |
Affected:
RoomOS 10.11.2.2
Affected: RoomOS 10.15.2.2 Affected: RoomOS 11.5.4.6 Affected: RoomOS 11.5.2.4 Affected: RoomOS 10.8.2.5 Affected: RoomOS 10.11.5.2 Affected: RoomOS 10.11.3.0 Affected: RoomOS 10.15.5.3 Affected: RoomOS 10.19.2.2 Affected: RoomOS 11.1.3.1 Affected: RoomOS 10.11.6.0 Affected: RoomOS 10.19.3.0 Affected: RoomOS 10.19.4.2 Affected: RoomOS 10.3.2.4 Affected: RoomOS 10.3.4.0 Affected: RoomOS 10.15.3.0 Affected: RoomOS 11.1.4.1 Affected: RoomOS 11.14.2.3 Affected: RoomOS 11.1.2.4 Affected: RoomOS 10.8.3.1 Affected: RoomOS 11.14.2.1 Affected: RoomOS 10.3.3.0 Affected: RoomOS 10.8.4.0 Affected: RoomOS 10.15.4.1 Affected: RoomOS 10.19.5.6 Affected: RoomOS 10.11.4.1 Affected: RoomOS 11.9.3.1 Affected: RoomOS 11.5.3.3 Affected: RoomOS 10.3.2.0 Affected: RoomOS 11.9.2.4 Affected: RoomOS 11.14.3.0 Affected: RoomOS 11.17.2.2 Affected: RoomOS 11.14.4.0 Affected: RoomOS 10.19 StepUpg Affected: RoomOS 11.17.3.0 Affected: RoomOS 11.20.2.3 Affected: RoomOS 11.14.5.0 Affected: RoomOS 11.17.4.0 Affected: RoomOS 11.20.3.0 Affected: RoomOS 11.23.1.6 Affected: RoomOS 11.23.1.8 Affected: RoomOS 11.24.1.5 Affected: RoomOS 11.24.2.4 Affected: RoomOS 11.24.3.0 Affected: RoomOS 11.24.4.1 Affected: RoomOS 11.27.2.0 Affected: RoomOS 11.28.1.3 Affected: RoomOS 11.27.3.0 Affected: RoomOS 11.31.1.5 Affected: RoomOS 11.27.4.0 Affected: RoomOS 11.32.2.1 Affected: RoomOS 11.33.1.7 Affected: RoomOS 26.0.1.2 Affected: RoomOS 11.34.1.2 Affected: RoomOS 11.32.3.0 Affected: RoomOS 11.27.5.0 Affected: RoomOS 11.32.4.0 Affected: RoomOS 26.1.1.5 Affected: RoomOS 11.35.1.2 Affected: RoomOS 26.2.2.2 Affected: RoomOS 11.32.5.1 Affected: RoomOS 26.4.1.6 Affected: RoomOS 26.4.1.4 Affected: RoomOS 26.3.1.3 Affected: RoomOS 11.36.1.1 Affected: RoomOS 11.37.1.0 Affected: RoomOS 26.5.2.0 Affected: RoomOS 11.38.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T18:06:30.490867Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T18:06:37.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco RoomOS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "RoomOS 10.11.2.2"
},
{
"status": "affected",
"version": "RoomOS 10.15.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.5.4.6"
},
{
"status": "affected",
"version": "RoomOS 11.5.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.2.5"
},
{
"status": "affected",
"version": "RoomOS 10.11.5.2"
},
{
"status": "affected",
"version": "RoomOS 10.11.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.5.3"
},
{
"status": "affected",
"version": "RoomOS 10.19.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.1.3.1"
},
{
"status": "affected",
"version": "RoomOS 10.11.6.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.4.2"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.3.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.1.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.1.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.1"
},
{
"status": "affected",
"version": "RoomOS 10.3.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.8.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.4.1"
},
{
"status": "affected",
"version": "RoomOS 10.19.5.6"
},
{
"status": "affected",
"version": "RoomOS 10.11.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.9.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.5.3.3"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.9.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.14.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.14.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.19 StepUpg"
},
{
"status": "affected",
"version": "RoomOS 11.17.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.14.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.6"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.8"
},
{
"status": "affected",
"version": "RoomOS 11.24.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.24.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.24.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.24.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.27.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.28.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.27.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.31.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.27.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.2.1"
},
{
"status": "affected",
"version": "RoomOS 11.33.1.7"
},
{
"status": "affected",
"version": "RoomOS 26.0.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.34.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.27.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.4.0"
},
{
"status": "affected",
"version": "RoomOS 26.1.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.35.1.2"
},
{
"status": "affected",
"version": "RoomOS 26.2.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.5.1"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.6"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.4"
},
{
"status": "affected",
"version": "RoomOS 26.3.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.36.1.1"
},
{
"status": "affected",
"version": "RoomOS 11.37.1.0"
},
{
"status": "affected",
"version": "RoomOS 26.5.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.38.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "As part of Cisco\u0027s ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.\r\n\r\nThe vulnerabilities tracked by CVE-2026-20153 are related to improper input validation that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-20."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T16:18:14.073Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-hardening-roomos-AqNMbEq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq"
}
],
"source": {
"advisory": "cisco-sa-hardening-roomos-AqNMbEq",
"defects": [
"CSCwu59024"
],
"discovery": "INTERNAL"
},
"title": "Cisco RoomOS Security Hardening Release - Input Validation Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20153",
"datePublished": "2026-07-15T16:18:14.073Z",
"dateReserved": "2025-10-08T11:59:15.386Z",
"dateUpdated": "2026-07-15T18:06:37.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20156 (GCVE-0-2026-20156)
Vulnerability from cvelistv5 – Published: 2026-07-15 16:17 – Updated: 2026-07-15 18:05
VLAI
EPSS
VEX
Title
Cisco RoomOS Security Hardening Release - Buffer Management Vulnerabilities
Summary
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20156 are related to improper restriction of operations within the bounds of a memory buffer that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-119.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco RoomOS Software |
Affected:
RoomOS 10.11.2.2
Affected: RoomOS 10.15.2.2 Affected: RoomOS 11.5.4.6 Affected: RoomOS 11.5.2.4 Affected: RoomOS 10.8.2.5 Affected: RoomOS 10.11.5.2 Affected: RoomOS 10.11.3.0 Affected: RoomOS 10.15.5.3 Affected: RoomOS 10.19.2.2 Affected: RoomOS 11.1.3.1 Affected: RoomOS 10.11.6.0 Affected: RoomOS 10.19.3.0 Affected: RoomOS 10.19.4.2 Affected: RoomOS 10.3.2.4 Affected: RoomOS 10.3.4.0 Affected: RoomOS 10.15.3.0 Affected: RoomOS 11.1.4.1 Affected: RoomOS 11.14.2.3 Affected: RoomOS 11.1.2.4 Affected: RoomOS 10.8.3.1 Affected: RoomOS 11.14.2.1 Affected: RoomOS 10.3.3.0 Affected: RoomOS 10.8.4.0 Affected: RoomOS 10.15.4.1 Affected: RoomOS 10.19.5.6 Affected: RoomOS 10.11.4.1 Affected: RoomOS 11.9.3.1 Affected: RoomOS 11.5.3.3 Affected: RoomOS 10.3.2.0 Affected: RoomOS 11.9.2.4 Affected: RoomOS 11.14.3.0 Affected: RoomOS 11.17.2.2 Affected: RoomOS 11.14.4.0 Affected: RoomOS 10.19 StepUpg Affected: RoomOS 11.17.3.0 Affected: RoomOS 11.20.2.3 Affected: RoomOS 11.14.5.0 Affected: RoomOS 11.17.4.0 Affected: RoomOS 11.20.3.0 Affected: RoomOS 11.23.1.6 Affected: RoomOS 11.23.1.8 Affected: RoomOS 11.24.1.5 Affected: RoomOS 11.24.2.4 Affected: RoomOS 11.24.3.0 Affected: RoomOS 11.24.4.1 Affected: RoomOS 11.27.2.0 Affected: RoomOS 11.28.1.3 Affected: RoomOS 11.27.3.0 Affected: RoomOS 11.31.1.5 Affected: RoomOS 11.27.4.0 Affected: RoomOS 11.32.2.1 Affected: RoomOS 11.33.1.7 Affected: RoomOS 26.0.1.2 Affected: RoomOS 11.34.1.2 Affected: RoomOS 11.32.3.0 Affected: RoomOS 11.27.5.0 Affected: RoomOS 11.32.4.0 Affected: RoomOS 26.1.1.5 Affected: RoomOS 11.35.1.2 Affected: RoomOS 26.2.2.2 Affected: RoomOS 11.32.5.1 Affected: RoomOS 26.4.1.6 Affected: RoomOS 26.4.1.4 Affected: RoomOS 26.3.1.3 Affected: RoomOS 11.36.1.1 Affected: RoomOS 11.37.1.0 Affected: RoomOS 26.5.2.0 Affected: RoomOS 11.38.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20156",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T18:05:33.626503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T18:05:46.644Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco RoomOS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "RoomOS 10.11.2.2"
},
{
"status": "affected",
"version": "RoomOS 10.15.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.5.4.6"
},
{
"status": "affected",
"version": "RoomOS 11.5.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.2.5"
},
{
"status": "affected",
"version": "RoomOS 10.11.5.2"
},
{
"status": "affected",
"version": "RoomOS 10.11.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.5.3"
},
{
"status": "affected",
"version": "RoomOS 10.19.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.1.3.1"
},
{
"status": "affected",
"version": "RoomOS 10.11.6.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.4.2"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.3.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.1.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.1.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.1"
},
{
"status": "affected",
"version": "RoomOS 10.3.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.8.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.4.1"
},
{
"status": "affected",
"version": "RoomOS 10.19.5.6"
},
{
"status": "affected",
"version": "RoomOS 10.11.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.9.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.5.3.3"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.9.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.14.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.14.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.19 StepUpg"
},
{
"status": "affected",
"version": "RoomOS 11.17.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.14.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.6"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.8"
},
{
"status": "affected",
"version": "RoomOS 11.24.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.24.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.24.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.24.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.27.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.28.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.27.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.31.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.27.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.2.1"
},
{
"status": "affected",
"version": "RoomOS 11.33.1.7"
},
{
"status": "affected",
"version": "RoomOS 26.0.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.34.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.27.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.4.0"
},
{
"status": "affected",
"version": "RoomOS 26.1.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.35.1.2"
},
{
"status": "affected",
"version": "RoomOS 26.2.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.5.1"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.6"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.4"
},
{
"status": "affected",
"version": "RoomOS 26.3.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.36.1.1"
},
{
"status": "affected",
"version": "RoomOS 11.37.1.0"
},
{
"status": "affected",
"version": "RoomOS 26.5.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.38.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "As part of Cisco\u0027s ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.\r\n\r\nThe vulnerabilities tracked by CVE-2026-20156 are related to improper restriction of operations within the bounds of a memory buffer that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-119."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T16:17:52.307Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-hardening-roomos-AqNMbEq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq"
}
],
"source": {
"advisory": "cisco-sa-hardening-roomos-AqNMbEq",
"defects": [
"CSCwu64806"
],
"discovery": "INTERNAL"
},
"title": "Cisco RoomOS Security Hardening Release - Buffer Management Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20156",
"datePublished": "2026-07-15T16:17:52.307Z",
"dateReserved": "2025-10-08T11:59:15.387Z",
"dateUpdated": "2026-07-15T18:05:46.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20157 (GCVE-0-2026-20157)
Vulnerability from cvelistv5 – Published: 2026-07-15 16:18 – Updated: 2026-07-15 18:06
VLAI
EPSS
VEX
Title
Cisco RoomOS Security Hardening Release - Missing Encryption Vulnerabilities
Summary
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20157 are related to missing encryption that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-311.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco RoomOS Software |
Affected:
RoomOS 10.11.2.2
Affected: RoomOS 10.15.2.2 Affected: RoomOS 11.5.4.6 Affected: RoomOS 11.5.2.4 Affected: RoomOS 10.8.2.5 Affected: RoomOS 10.11.5.2 Affected: RoomOS 10.11.3.0 Affected: RoomOS 10.15.5.3 Affected: RoomOS 10.19.2.2 Affected: RoomOS 11.1.3.1 Affected: RoomOS 10.11.6.0 Affected: RoomOS 10.19.3.0 Affected: RoomOS 10.19.4.2 Affected: RoomOS 10.3.2.4 Affected: RoomOS 10.3.4.0 Affected: RoomOS 10.15.3.0 Affected: RoomOS 11.1.4.1 Affected: RoomOS 11.14.2.3 Affected: RoomOS 11.1.2.4 Affected: RoomOS 10.8.3.1 Affected: RoomOS 11.14.2.1 Affected: RoomOS 10.3.3.0 Affected: RoomOS 10.8.4.0 Affected: RoomOS 10.15.4.1 Affected: RoomOS 10.19.5.6 Affected: RoomOS 10.11.4.1 Affected: RoomOS 11.9.3.1 Affected: RoomOS 11.5.3.3 Affected: RoomOS 10.3.2.0 Affected: RoomOS 11.9.2.4 Affected: RoomOS 11.14.3.0 Affected: RoomOS 11.17.2.2 Affected: RoomOS 11.14.4.0 Affected: RoomOS 10.19 StepUpg Affected: RoomOS 11.17.3.0 Affected: RoomOS 11.20.2.3 Affected: RoomOS 11.14.5.0 Affected: RoomOS 11.17.4.0 Affected: RoomOS 11.20.3.0 Affected: RoomOS 11.23.1.6 Affected: RoomOS 11.23.1.8 Affected: RoomOS 11.24.1.5 Affected: RoomOS 11.24.2.4 Affected: RoomOS 11.24.3.0 Affected: RoomOS 11.24.4.1 Affected: RoomOS 11.27.2.0 Affected: RoomOS 11.28.1.3 Affected: RoomOS 11.27.3.0 Affected: RoomOS 11.31.1.5 Affected: RoomOS 11.27.4.0 Affected: RoomOS 11.32.2.1 Affected: RoomOS 11.33.1.7 Affected: RoomOS 26.0.1.2 Affected: RoomOS 11.34.1.2 Affected: RoomOS 11.32.3.0 Affected: RoomOS 11.27.5.0 Affected: RoomOS 11.32.4.0 Affected: RoomOS 26.1.1.5 Affected: RoomOS 11.35.1.2 Affected: RoomOS 26.2.2.2 Affected: RoomOS 11.32.5.1 Affected: RoomOS 26.4.1.6 Affected: RoomOS 26.4.1.4 Affected: RoomOS 26.3.1.3 Affected: RoomOS 11.36.1.1 Affected: RoomOS 11.37.1.0 Affected: RoomOS 26.5.2.0 Affected: RoomOS 11.38.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20157",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T18:06:08.142512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T18:06:16.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco RoomOS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "RoomOS 10.11.2.2"
},
{
"status": "affected",
"version": "RoomOS 10.15.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.5.4.6"
},
{
"status": "affected",
"version": "RoomOS 11.5.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.2.5"
},
{
"status": "affected",
"version": "RoomOS 10.11.5.2"
},
{
"status": "affected",
"version": "RoomOS 10.11.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.5.3"
},
{
"status": "affected",
"version": "RoomOS 10.19.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.1.3.1"
},
{
"status": "affected",
"version": "RoomOS 10.11.6.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.4.2"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.3.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.1.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.1.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.1"
},
{
"status": "affected",
"version": "RoomOS 10.3.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.8.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.4.1"
},
{
"status": "affected",
"version": "RoomOS 10.19.5.6"
},
{
"status": "affected",
"version": "RoomOS 10.11.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.9.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.5.3.3"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.9.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.14.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.14.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.19 StepUpg"
},
{
"status": "affected",
"version": "RoomOS 11.17.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.14.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.6"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.8"
},
{
"status": "affected",
"version": "RoomOS 11.24.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.24.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.24.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.24.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.27.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.28.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.27.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.31.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.27.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.2.1"
},
{
"status": "affected",
"version": "RoomOS 11.33.1.7"
},
{
"status": "affected",
"version": "RoomOS 26.0.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.34.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.27.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.4.0"
},
{
"status": "affected",
"version": "RoomOS 26.1.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.35.1.2"
},
{
"status": "affected",
"version": "RoomOS 26.2.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.5.1"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.6"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.4"
},
{
"status": "affected",
"version": "RoomOS 26.3.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.36.1.1"
},
{
"status": "affected",
"version": "RoomOS 11.37.1.0"
},
{
"status": "affected",
"version": "RoomOS 26.5.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.38.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "As part of Cisco\u0027s ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.\r\n\r\nThe vulnerabilities tracked by CVE-2026-20157 are related to missing encryption that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-311."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "Missing Encryption of Sensitive Data",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T16:18:04.406Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-hardening-roomos-AqNMbEq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq"
}
],
"source": {
"advisory": "cisco-sa-hardening-roomos-AqNMbEq",
"defects": [
"CSCwu64826"
],
"discovery": "INTERNAL"
},
"title": "Cisco RoomOS Security Hardening Release - Missing Encryption Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20157",
"datePublished": "2026-07-15T16:18:04.406Z",
"dateReserved": "2025-10-08T11:59:15.387Z",
"dateUpdated": "2026-07-15T18:06:16.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20158 (GCVE-0-2026-20158)
Vulnerability from cvelistv5 – Published: 2026-07-15 16:18 – Updated: 2026-07-15 18:07
VLAI
EPSS
VEX
Title
Cisco RoomOS Security Hardening Release - Resource Lifetime Management Vulnerabilities
Summary
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20158 are related to improper control of a resource through its lifetime that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-664.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-664 - Improper Control of a Resource Through its Lifetime
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco RoomOS Software |
Affected:
RoomOS 10.11.2.2
Affected: RoomOS 10.15.2.2 Affected: RoomOS 11.5.4.6 Affected: RoomOS 11.5.2.4 Affected: RoomOS 10.8.2.5 Affected: RoomOS 10.11.5.2 Affected: RoomOS 10.11.3.0 Affected: RoomOS 10.15.5.3 Affected: RoomOS 10.19.2.2 Affected: RoomOS 11.1.3.1 Affected: RoomOS 10.11.6.0 Affected: RoomOS 10.19.3.0 Affected: RoomOS 10.19.4.2 Affected: RoomOS 10.3.2.4 Affected: RoomOS 10.3.4.0 Affected: RoomOS 10.15.3.0 Affected: RoomOS 11.1.4.1 Affected: RoomOS 11.14.2.3 Affected: RoomOS 11.1.2.4 Affected: RoomOS 10.8.3.1 Affected: RoomOS 11.14.2.1 Affected: RoomOS 10.3.3.0 Affected: RoomOS 10.8.4.0 Affected: RoomOS 10.15.4.1 Affected: RoomOS 10.19.5.6 Affected: RoomOS 10.11.4.1 Affected: RoomOS 11.9.3.1 Affected: RoomOS 11.5.3.3 Affected: RoomOS 10.3.2.0 Affected: RoomOS 11.9.2.4 Affected: RoomOS 11.14.3.0 Affected: RoomOS 11.17.2.2 Affected: RoomOS 11.14.4.0 Affected: RoomOS 10.19 StepUpg Affected: RoomOS 11.17.3.0 Affected: RoomOS 11.20.2.3 Affected: RoomOS 11.14.5.0 Affected: RoomOS 11.17.4.0 Affected: RoomOS 11.20.3.0 Affected: RoomOS 11.23.1.6 Affected: RoomOS 11.23.1.8 Affected: RoomOS 11.24.1.5 Affected: RoomOS 11.24.2.4 Affected: RoomOS 11.24.3.0 Affected: RoomOS 11.24.4.1 Affected: RoomOS 11.27.2.0 Affected: RoomOS 11.28.1.3 Affected: RoomOS 11.27.3.0 Affected: RoomOS 11.31.1.5 Affected: RoomOS 11.27.4.0 Affected: RoomOS 11.32.2.1 Affected: RoomOS 11.33.1.7 Affected: RoomOS 26.0.1.2 Affected: RoomOS 11.34.1.2 Affected: RoomOS 11.32.3.0 Affected: RoomOS 11.27.5.0 Affected: RoomOS 11.32.4.0 Affected: RoomOS 26.1.1.5 Affected: RoomOS 11.35.1.2 Affected: RoomOS 26.2.2.2 Affected: RoomOS 11.32.5.1 Affected: RoomOS 26.4.1.6 Affected: RoomOS 26.4.1.4 Affected: RoomOS 26.3.1.3 Affected: RoomOS 11.36.1.1 Affected: RoomOS 11.37.1.0 Affected: RoomOS 26.5.2.0 Affected: RoomOS 11.38.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T18:06:50.394507Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T18:07:02.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco RoomOS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "RoomOS 10.11.2.2"
},
{
"status": "affected",
"version": "RoomOS 10.15.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.5.4.6"
},
{
"status": "affected",
"version": "RoomOS 11.5.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.2.5"
},
{
"status": "affected",
"version": "RoomOS 10.11.5.2"
},
{
"status": "affected",
"version": "RoomOS 10.11.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.5.3"
},
{
"status": "affected",
"version": "RoomOS 10.19.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.1.3.1"
},
{
"status": "affected",
"version": "RoomOS 10.11.6.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.4.2"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.3.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.1.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.1.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.1"
},
{
"status": "affected",
"version": "RoomOS 10.3.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.8.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.4.1"
},
{
"status": "affected",
"version": "RoomOS 10.19.5.6"
},
{
"status": "affected",
"version": "RoomOS 10.11.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.9.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.5.3.3"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.9.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.14.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.14.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.19 StepUpg"
},
{
"status": "affected",
"version": "RoomOS 11.17.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.14.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.6"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.8"
},
{
"status": "affected",
"version": "RoomOS 11.24.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.24.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.24.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.24.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.27.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.28.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.27.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.31.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.27.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.2.1"
},
{
"status": "affected",
"version": "RoomOS 11.33.1.7"
},
{
"status": "affected",
"version": "RoomOS 26.0.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.34.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.27.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.4.0"
},
{
"status": "affected",
"version": "RoomOS 26.1.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.35.1.2"
},
{
"status": "affected",
"version": "RoomOS 26.2.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.5.1"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.6"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.4"
},
{
"status": "affected",
"version": "RoomOS 26.3.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.36.1.1"
},
{
"status": "affected",
"version": "RoomOS 11.37.1.0"
},
{
"status": "affected",
"version": "RoomOS 26.5.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.38.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "As part of Cisco\u0027s ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.\r\n\r\nThe vulnerabilities tracked by CVE-2026-20158 are related to improper control of a resource through its lifetime that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-664."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-664",
"description": "Improper Control of a Resource Through its Lifetime",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T16:18:27.994Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-hardening-roomos-AqNMbEq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq"
}
],
"source": {
"advisory": "cisco-sa-hardening-roomos-AqNMbEq",
"defects": [
"CSCwu59015"
],
"discovery": "INTERNAL"
},
"title": "Cisco RoomOS Security Hardening Release - Resource Lifetime Management Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20158",
"datePublished": "2026-07-15T16:18:27.994Z",
"dateReserved": "2025-10-08T11:59:15.387Z",
"dateUpdated": "2026-07-15T18:07:02.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20187 (GCVE-0-2026-20187)
Vulnerability from cvelistv5 – Published: 2026-07-15 16:18 – Updated: 2026-07-15 18:05
VLAI
EPSS
VEX
Title
Cisco RoomOS Security Hardening Release - Exceptional Conditions Handling Vulnerabilities
Summary
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20187 are related to improper handling of exceptional conditions that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-703.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco RoomOS Software |
Affected:
RoomOS 10.11.2.2
Affected: RoomOS 10.15.2.2 Affected: RoomOS 11.5.4.6 Affected: RoomOS 11.5.2.4 Affected: RoomOS 10.8.2.5 Affected: RoomOS 10.11.5.2 Affected: RoomOS 10.11.3.0 Affected: RoomOS 10.15.5.3 Affected: RoomOS 10.19.2.2 Affected: RoomOS 11.1.3.1 Affected: RoomOS 10.11.6.0 Affected: RoomOS 10.19.3.0 Affected: RoomOS 10.19.4.2 Affected: RoomOS 10.3.2.4 Affected: RoomOS 10.3.4.0 Affected: RoomOS 10.15.3.0 Affected: RoomOS 11.1.4.1 Affected: RoomOS 11.14.2.3 Affected: RoomOS 11.1.2.4 Affected: RoomOS 10.8.3.1 Affected: RoomOS 11.14.2.1 Affected: RoomOS 10.3.3.0 Affected: RoomOS 10.8.4.0 Affected: RoomOS 10.15.4.1 Affected: RoomOS 10.19.5.6 Affected: RoomOS 10.11.4.1 Affected: RoomOS 11.9.3.1 Affected: RoomOS 11.5.3.3 Affected: RoomOS 10.3.2.0 Affected: RoomOS 11.9.2.4 Affected: RoomOS 11.14.3.0 Affected: RoomOS 11.17.2.2 Affected: RoomOS 11.14.4.0 Affected: RoomOS 10.19 StepUpg Affected: RoomOS 11.17.3.0 Affected: RoomOS 11.20.2.3 Affected: RoomOS 11.14.5.0 Affected: RoomOS 11.17.4.0 Affected: RoomOS 11.20.3.0 Affected: RoomOS 11.23.1.6 Affected: RoomOS 11.23.1.8 Affected: RoomOS 11.24.1.5 Affected: RoomOS 11.24.2.4 Affected: RoomOS 11.24.3.0 Affected: RoomOS 11.24.4.1 Affected: RoomOS 11.27.2.0 Affected: RoomOS 11.28.1.3 Affected: RoomOS 11.27.3.0 Affected: RoomOS 11.31.1.5 Affected: RoomOS 11.27.4.0 Affected: RoomOS 11.32.2.1 Affected: RoomOS 11.33.1.7 Affected: RoomOS 26.0.1.2 Affected: RoomOS 11.34.1.2 Affected: RoomOS 11.32.3.0 Affected: RoomOS 11.27.5.0 Affected: RoomOS 11.32.4.0 Affected: RoomOS 26.1.1.5 Affected: RoomOS 11.35.1.2 Affected: RoomOS 26.2.2.2 Affected: RoomOS 11.32.5.1 Affected: RoomOS 26.4.1.6 Affected: RoomOS 26.4.1.4 Affected: RoomOS 26.3.1.3 Affected: RoomOS 11.36.1.1 Affected: RoomOS 11.37.1.0 Affected: RoomOS 26.5.2.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-15T18:04:49.118521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T18:05:01.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco RoomOS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "RoomOS 10.11.2.2"
},
{
"status": "affected",
"version": "RoomOS 10.15.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.5.4.6"
},
{
"status": "affected",
"version": "RoomOS 11.5.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.2.5"
},
{
"status": "affected",
"version": "RoomOS 10.11.5.2"
},
{
"status": "affected",
"version": "RoomOS 10.11.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.5.3"
},
{
"status": "affected",
"version": "RoomOS 10.19.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.1.3.1"
},
{
"status": "affected",
"version": "RoomOS 10.11.6.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.4.2"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.3.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.1.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.1.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.1"
},
{
"status": "affected",
"version": "RoomOS 10.3.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.8.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.4.1"
},
{
"status": "affected",
"version": "RoomOS 10.19.5.6"
},
{
"status": "affected",
"version": "RoomOS 10.11.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.9.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.5.3.3"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.9.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.14.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.14.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.19 StepUpg"
},
{
"status": "affected",
"version": "RoomOS 11.17.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.14.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.6"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.8"
},
{
"status": "affected",
"version": "RoomOS 11.24.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.24.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.24.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.24.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.27.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.28.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.27.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.31.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.27.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.2.1"
},
{
"status": "affected",
"version": "RoomOS 11.33.1.7"
},
{
"status": "affected",
"version": "RoomOS 26.0.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.34.1.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.27.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.4.0"
},
{
"status": "affected",
"version": "RoomOS 26.1.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.35.1.2"
},
{
"status": "affected",
"version": "RoomOS 26.2.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.32.5.1"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.6"
},
{
"status": "affected",
"version": "RoomOS 26.4.1.4"
},
{
"status": "affected",
"version": "RoomOS 26.3.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.36.1.1"
},
{
"status": "affected",
"version": "RoomOS 11.37.1.0"
},
{
"status": "affected",
"version": "RoomOS 26.5.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "As part of Cisco\u0027s ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.\r\n\r\nThe vulnerabilities tracked by CVE-2026-20187 are related to improper handling of exceptional conditions that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-703."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T16:18:37.525Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-hardening-roomos-AqNMbEq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq"
}
],
"source": {
"advisory": "cisco-sa-hardening-roomos-AqNMbEq",
"defects": [
"CSCwu64819"
],
"discovery": "INTERNAL"
},
"title": "Cisco RoomOS Security Hardening Release - Exceptional Conditions Handling Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20187",
"datePublished": "2026-07-15T16:18:37.525Z",
"dateReserved": "2025-10-08T11:59:15.394Z",
"dateUpdated": "2026-07-15T18:05:01.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…