CVE-2022-20793

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Nov 15, 2024
CWE ID 325

Summary

CVE-2022-20793 is a vulnerability affecting Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices. This issue permits an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. The cause of this vulnerability is insufficient identity verification. An attacker can exploit this weakness by responding to the pairing broadcast from an affected device, potentially gaining access to the device while posing as a trusted device. No workarounds currently exist to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share