Cisco Roomos Software
CVE-2026-20158
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from Vendor (cisco) · only source for this CVE.
CVSS VectorVendor: cisco
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20158 are related to improper control of a resource through its lifetime that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-664.
AnalysisAI
Remote denial of service in Cisco RoomOS software allows unauthenticated attackers to exhaust or corrupt a resource over the network, disrupting availability of Cisco collaboration room endpoints. Disclosed as part of a Cisco-internal security hardening review under the CWE-664 resource-lifetime pillar, the flaw carries a 7.5 CVSS score with an availability-only impact (C:N/I:N/A:H). …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Recommended ActionAI
Within 24 hours: Identify and inventory all Cisco RoomOS deployments, document current firmware versions and network exposure. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Cisco Roomos Software
View allPrivilege escalation via improper access control in Cisco RoomOS software allows an authenticated attacker with low-leve
Memory-corruption vulnerabilities in Cisco RoomOS Software (the operating system on Cisco/Webex collaboration room endpo
Denial of service in Cisco RoomOS software allows remote unauthenticated attackers to exhaust availability of affected c
Denial of service in Cisco RoomOS software allows remote, unauthenticated attackers to disrupt device availability throu
Sensitive information disclosure affects Cisco RoomOS software running on Cisco collaboration room endpoints, where miss
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today