Skip to main content

Cisco RoomOS CVE-2026-20187

HIGH
Improper Check or Handling of Exceptional Conditions (CWE-703)
2026-07-15 cisco
7.5
CVSS 3.1 · Vendor: cisco
Share

Severity by source

Vendor (cisco) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
7.5 HIGH

Network-reachable service exploitable without auth or interaction at low complexity, causing availability loss only, so C:N/I:N/A:H with PR:N/UI:N matches the disclosed DoS impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (cisco).

CVSS VectorVendor: cisco

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 15, 2026 - 16:49 vuln.today
CVE Published
Jul 15, 2026 - 16:18 cve.org
HIGH 7.5

DescriptionCVE.org

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.

The vulnerabilities tracked by CVE-2026-20187 are related to improper handling of exceptional conditions that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-703.

AnalysisAI

Denial of service in Cisco RoomOS software allows remote unauthenticated attackers to exhaust availability of affected collaboration endpoints and room-based video devices through improper handling of exceptional conditions (CWE-703). The issue was internally discovered by Cisco's RoomOS engineering team as part of a hardening release bundling multiple flaws under this identifier, carries a CVSS 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), and has no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach RoomOS device over network
Delivery
Send crafted malformed request
Exploit
Trigger unhandled exceptional condition (CWE-703)
Execution
Crash or hang service process
Impact
Endpoint denial of service

Vulnerability AssessmentAI

Exploitation Exploitation requires network-level reachability to a device running vulnerable Cisco RoomOS software; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) no authentication, no privileges, and no user interaction are needed against affected endpoints. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score is 7.5 (High), driven entirely by availability impact (A:H) with no confidentiality or integrity effect, and an attractive exploitability profile: network vector, low complexity, no privileges, and no user interaction (AV:N/AC:L/PR:N/UI:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with network reachability to a Cisco RoomOS endpoint sends crafted or malformed traffic to an exposed service, triggering an unhandled exceptional condition that crashes or hangs the device and drops it out of service. Because no authentication or user interaction is required (PR:N/UI:N) and complexity is low (AC:L), a single reachable device could be repeatedly knocked offline during meetings. …
Remediation Apply the Cisco RoomOS software hardening release that addresses CVE-2026-20187; because RoomOS devices are typically cloud-managed (Webex Control Hub) or receive automatic/scheduled software updates, ensure endpoints are on the latest RoomOS train and that automatic upgrades are enabled so the fixed build is deployed. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all Cisco RoomOS devices in your environment and assess their network accessibility; immediately implement firewall rules and network segmentation to restrict remote access to these endpoints from untrusted networks. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-20187 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy