Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-20793

A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a legitimate device and responding to the pairing broadcast from an affected device. A successful exploit could allow the attacker to access the affected device while impersonating a legitimate device.There are no workarounds that address this vulnerability.

Published

2024-11-15T16:15:22.370

Last Modified

2025-07-30T17:12:24.097

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-325

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	telepresence_collaboration_endpoint	9.0.1	Yes
Application	cisco	telepresence_collaboration_endpoint	9.1.1	Yes
Application	cisco	telepresence_collaboration_endpoint	9.1.2	Yes
Application	cisco	telepresence_collaboration_endpoint	9.1.3	Yes
Application	cisco	telepresence_collaboration_endpoint	9.1.4	Yes
Application	cisco	telepresence_collaboration_endpoint	9.1.5	Yes
Application	cisco	telepresence_collaboration_endpoint	9.1.6	Yes
Application	cisco	telepresence_collaboration_endpoint	9.2.1	Yes
Application	cisco	telepresence_collaboration_endpoint	9.2.2	Yes
Application	cisco	telepresence_collaboration_endpoint	9.2.3	Yes
Application	cisco	telepresence_collaboration_endpoint	9.2.4	Yes
Application	cisco	telepresence_collaboration_endpoint	9.9.3	Yes
Application	cisco	telepresence_collaboration_endpoint	9.9.4	Yes
Application	cisco	telepresence_collaboration_endpoint	9.10.1	Yes
Application	cisco	telepresence_collaboration_endpoint	9.10.2	Yes
Application	cisco	telepresence_collaboration_endpoint	9.10.3	Yes
Application	cisco	telepresence_collaboration_endpoint	9.12.3	Yes
Application	cisco	telepresence_collaboration_endpoint	9.12.4	Yes
Application	cisco	telepresence_collaboration_endpoint	9.12.5	Yes
Application	cisco	telepresence_collaboration_endpoint	9.13.0	Yes
Application	cisco	telepresence_collaboration_endpoint	9.13.1	Yes
Application	cisco	telepresence_collaboration_endpoint	9.13.2	Yes
Application	cisco	telepresence_collaboration_endpoint	9.13.3	Yes
Application	cisco	telepresence_collaboration_endpoint	9.14.3	Yes
Application	cisco	telepresence_collaboration_endpoint	9.14.4	Yes
Application	cisco	telepresence_collaboration_endpoint	9.14.5	Yes
Application	cisco	telepresence_collaboration_endpoint	9.14.6	Yes
Application	cisco	telepresence_collaboration_endpoint	9.14.7	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.0.10	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.0.11	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.0.13	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.0.19	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.3.17	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.3.18	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.3.19	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.3.22	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.3.25	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.3.26	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.8.12	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.10.8	Yes
Application	cisco	telepresence_collaboration_endpoint	9.15.13.0	Yes
Operating System	cisco	roomos	-	Yes

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-IVV-4A66Dsfj Vendor Advisory ([email protected])