EUVD-2019-10217

Malware in sbrugna...

CVE-2023-20093

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20094

A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sendi...

CVE-2023-20092

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2022-20853

A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

CVE-2022-20793

A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification...

CVE-2022-20793 Cisco Touch 10 Device Insufficient Identity Verification Vulnerability

A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification...

CVE-2022-20814 Cisco Expressway Series and Cisco TelePresence VCS Improper Certificate Validation Vulnerability

A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device...

CVE-2023-20004 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Write Vulnerability

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20004 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Write Vulnerability

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20090 Cisco TelePresence Collaboration Endpoint and RoomOS Software Privilege Escalation Vulnerability

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of...

CVE-2023-20090 Cisco TelePresence Collaboration Endpoint and RoomOS Software Privilege Escalation Vulnerability

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of...

CVE-2023-20091 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker...

CVE-2023-20091 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker...

CVE-2023-20092 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20092 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20093 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20093 Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability

Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An...

CVE-2023-20094 Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sendi...

CVE-2023-20249

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the...