vulnerability
Cisco TelePresence Video Communication Server (VCS) Expressway: CVE-2022-20806: Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:S/C:P/I:N/A:P) | May 18, 2022 | Sep 30, 2024 | Apr 1, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:P)
Published
May 18, 2022
Added
Sep 30, 2024
Modified
Apr 1, 2026
Description
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Solution
cisco-telepresence-expressway-upgrade-latest
References
- CVE-2022-20806
- https://attackerkb.com/topics/CVE-2022-20806
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-bsFVwueV
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-26056
- CISCO-cisco-sa-expressway-filewrite-bsFVwueV
- CWE-532
- EUVD-EUVD-2022-26056
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.