vulnerability
Cisco TelePresence Video Communication Server (VCS) Expressway: CVE-2022-20755: Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | Mar 2, 2022 | Sep 30, 2024 | Aug 6, 2025 |
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Mar 2, 2022
Added
Sep 30, 2024
Modified
Aug 6, 2025
Description
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the underlying operating system of an affected device as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Solution
cisco-telepresence-expressway-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.