Denial of Service Vulnerability in Cisco TelePresence Collaboration Endpoint and RoomOS Software
CVE-2026-20119

7.5HIGH

Key Information:

Vendor: Cisco
Status: Cisco Roomos Software; Cisco Telepresence Endpoint Software (tc/ce)
Vendor: CVE Published:; 4 February 2026

Badges

👾 Exploit Exists

What is CVE-2026-20119?

A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an unauthenticated remote attacker to initiate a denial of service (DoS) condition. This issue arises from inadequate validation of inputs processed by the device. An attacker could exploit this vulnerability by convincing the affected system to render specially crafted text, such as a manipulated meeting invitation. Notably, the attack does not require any user interaction, allowing for potential exploitation without user consent. A successful attack could cause the device to unexpectedly reload, leading to a disruption in service.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cisco RoomOS Software RoomOS 10.11.2.2

Cisco RoomOS Software RoomOS 10.15.2.2

Cisco RoomOS Software RoomOS 11.5.4.6

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Feb 4, 2026
Vulnerability published
Feb 4, 2026
Vulnerability Reserved
Oct 8, 2025

JSON

Cisco

Badges

What is CVE-2026-20119?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.