Cyber Posture

CVE-2026-20119

High

Published: 04 February 2026

Modified: 15 April 2026
KEV Added
Patch
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0011 (29.6th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-20119 is a high-severity Improper Validation of Specified Type of Input (CWE-1287) vulnerability in Cisco TelePresence Collaboration (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 29.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.

Threat & Defense Details

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why these techniques?

Crafted input from a remote, unauthenticated attacker triggers a device reload (DoS) through improper input validation in exposed endpoint software. This maps directly to T1190 (public-facing application exploitation) and T1499.004 (application/system exploitation for availability impact).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of input received by an affected device. An attacker could exploit this vulnerability by getting the affected device to render crafted text, for example, a crafted meeting invitation. As indicated in the CVSS score, no user interaction is required, such as accepting the meeting invitation. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Deeper analysis

CVE-2026-20119 is a vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software. It stems from insufficient validation of input received by an affected device, which could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. The issue is rated with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-1287 (Improper Validation of Specified Type of Input).

An unauthenticated, remote attacker can exploit this vulnerability by sending crafted text to the affected device for rendering, such as a specially crafted meeting invitation. No user interaction is required, including no need to accept the invitation. Successful exploitation causes the device to reload, resulting in a temporary DoS condition until it restarts.

Mitigation details and affected versions are outlined in the Cisco Security Advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tce-roomos-dos-9V9jrC2q. Security practitioners should consult this advisory for patching instructions and workarounds.

Details

CWE(s)

Affected Products

Cisco TelePresence Collaboration (inferred from references and description; NVD did not file a CPE for this CVE)

CVEs Like This One

CVE-2025-20621 (shared CWE-1287)
CVE-2026-2454 (shared CWE-1287)
CVE-2026-33806 (shared CWE-1287)
CVE-2025-20251 (shared CWE-1287)
CVE-2026-20074 (shared CWE-1287)
CVE-2025-20630 (shared CWE-1287)
CVE-2024-48858 (shared CWE-1287)
CVE-2025-12977 (shared CWE-1287)
CVE-2026-2092 (shared CWE-1287)
CVE-2026-2004 (shared CWE-1287)

References