CVE-2022-20783

HIGH

Cisco TelePresence CE/RoomOS - DoS

Title source: llm

Description

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted H.323 traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to either reboot normally or reboot into maintenance mode, which could result in a DoS condition on the device.

References (1)

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ce-roomos-dos-c65x2Qf2

Scores

CVSS v3 7.5

EPSS 0.0041

EPSS Percentile 61.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-20 CWE-1287

Status published

Products (2)

cisco/roomos < 2022

cisco/telepresence_collaboration_endpoint < 9.15.10.8

Published Apr 21, 2022

Tracked Since Feb 18, 2026