vulnerability
Cisco TelePresence Video Communication Server (VCS) Expressway: CVE-2023-20192: Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:N/I:C/A:C) | Jun 7, 2023 | Sep 30, 2024 | Aug 6, 2025 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:N/I:C/A:C)
Published
Jun 7, 2023
Added
Sep 30, 2024
Modified
Aug 6, 2025
Description
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. Note: "Cisco Expressway Series" refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. For more information about these vulnerabilities, see the Details section of this advisory.
Solution
cisco-telepresence-expressway-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.