Unrated severityNVD Advisory· Published Nov 15, 2024· Updated Nov 15, 2024
Cisco Touch 10 Device Insufficient Identity Verification Vulnerability
CVE-2022-20793
Description
A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a legitimate device and responding to the pairing broadcast from an affected device. A successful exploit could allow the attacker to access the affected device while impersonating a legitimate device.There are no workarounds that address this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4(expand)+ 1 more
- (no CPE)
- (no CPE)range: N/A
- Range: CE9.10.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.