PT-2021-7017 · Cisco · Cisco TelePresence Collaboration Endpoint (CE), Cisco RoomOS

Published: 2021-11-02 · Updated: 2022-05-04 · CVE-2022-20783

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco TelePresence Collaboration Endpoint (CE) Software (affected versions not specified)
Cisco RoomOS Software (affected versions not specified)

Description

A vulnerability in the packet processing functionality could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This issue is due to insufficient input validation. An attacker could exploit this by sending crafted H.323 traffic to an affected device, potentially causing the device to reboot normally or into maintenance mode, resulting in a DoS condition.

Recommendations

For Cisco TelePresence Collaboration Endpoint (CE) Software, consider disabling the packet processing functionality until a patch is available. For Cisco RoomOS Software, restrict access to the H.323 traffic handling component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE


Weakness Enumeration

Related Identifiers

BDU:2022-02974
CVE-2022-20783

Affected Products

Cisco RoomOS
Cisco TelePresence Collaboration Endpoint (CE)