Missing Encryption Vulnerability in Cisco RoomOS Software
CVE-2026-20157

7.5HIGH

Key Information:

Vendor

Cisco

Vendor
CVE Published:
15 July 2026

Badges

👾 Exploit Exists

What is CVE-2026-20157?

Cisco RoomOS software has been identified with several vulnerabilities due to missing encryption, which could potentially compromise the integrity and confidentiality of data. This issue falls under the Common Weakness Enumeration category CWE-311 and has prompted the Cisco RoomOS engineering team to implement a software hardening release as part of their commitment to security enhancement. The vulnerabilities highlight the importance of encryption in safeguarding sensitive information within the platform.

Affected Version(s)

Cisco RoomOS Software RoomOS 10.11.2.2

Cisco RoomOS Software RoomOS 10.15.2.2

Cisco RoomOS Software RoomOS 11.5.4.6

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.