Cisco RoomOS
CVE-2026-20187
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Network-reachable service exploitable without auth or interaction at low complexity, causing availability loss only, so C:N/I:N/A:H with PR:N/UI:N matches the disclosed DoS impact.
Primary rating from Vendor (cisco).
CVSS VectorVendor: cisco
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20187 are related to improper handling of exceptional conditions that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-703.
AnalysisAI
Denial of service in Cisco RoomOS software allows remote unauthenticated attackers to exhaust availability of affected collaboration endpoints and room-based video devices through improper handling of exceptional conditions (CWE-703). The issue was internally discovered by Cisco's RoomOS engineering team as part of a hardening release bundling multiple flaws under this identifier, carries a CVSS 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), and has no public exploit identified at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network-level reachability to a device running vulnerable Cisco RoomOS software; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) no authentication, no privileges, and no user interaction are needed against affected endpoints. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score is 7.5 (High), driven entirely by availability impact (A:H) with no confidentiality or integrity effect, and an attractive exploitability profile: network vector, low complexity, no privileges, and no user interaction (AV:N/AC:L/PR:N/UI:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with network reachability to a Cisco RoomOS endpoint sends crafted or malformed traffic to an exposed service, triggering an unhandled exceptional condition that crashes or hangs the device and drops it out of service. Because no authentication or user interaction is required (PR:N/UI:N) and complexity is low (AC:L), a single reachable device could be repeatedly knocked offline during meetings. … |
| Remediation | Apply the Cisco RoomOS software hardening release that addresses CVE-2026-20187; because RoomOS devices are typically cloud-managed (Webex Control Hub) or receive automatic/scheduled software updates, ensure endpoints are on the latest RoomOS train and that automatic upgrades are enabled so the fixed build is deployed. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, inventory all Cisco RoomOS devices in your environment and assess their network accessibility; immediately implement firewall rules and network segmentation to restrict remote access to these endpoints from untrusted networks. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Cisco Roomos Software
View allPrivilege escalation via improper access control in Cisco RoomOS software allows an authenticated attacker with low-leve
Memory-corruption vulnerabilities in Cisco RoomOS Software (the operating system on Cisco/Webex collaboration room endpo
Remote denial of service in Cisco RoomOS software allows unauthenticated attackers to exhaust or corrupt a resource over
Denial of service in Cisco RoomOS software allows remote, unauthenticated attackers to disrupt device availability throu
Sensitive information disclosure affects Cisco RoomOS software running on Cisco collaboration room endpoints, where miss
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today