Description
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.

This vulnerability is due to improper input validation in certain sections of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload arbitrary files to the affected system. The malicious files could overwrite system files that are processed by the root system account and allow arbitrary command execution with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of video operator.
Published: 2026-02-04
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution and Privilege Escalation
Action: Assess Impact
AI Analysis

Impact

A vulnerability in the Certificate Management feature of Cisco Meeting Management permits authenticated remote attackers to upload arbitrary files. By sending a crafted HTTP request, an attacker can place files that overwrite system files processed by the root account, leading to arbitrary command execution and privilege escalation to root. This weakness stems from improper input validation, which corresponds to CWE‑434, and can compromise confidentiality, integrity, and availability of the system.

Affected Systems

Systems running Cisco Meeting Management are affected, specifically the Certificate Management component accessed via the web-based management interface. No specific affected versions are listed, so all deployed installations of Cisco Meeting Management should be reviewed for the presence of the vulnerability. The role required for exploitation is at least a video operator; therefore, accounts with this role or higher must be inspected.

Risk and Exploitability

The vulnerability carries a high CVSS score of 8.8, indicating severe impact. However, the EPSS score is less than 1% and the vulnerability has not been recorded in the CISA KEV catalog, suggesting exploitation probability remains low at present. If exploited, the attacker can upload files and execute root‑level commands, effectively gaining full control over the host. The exploitation path requires remote access to the web interface and valid credentials with video operator privileges, which may be obtained through credential compromise or insider misuse. Detection should focus on anomalous file uploads or unexpected command execution logs.

Generated by OpenCVE AI on April 17, 2026 at 23:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Cisco Meeting Management patch or upgrade to the most recent version, ensuring the fix for the arbitrary file upload vulnerability is included.
  • Restrict the Certificate Management feature and the video operator role to only trusted users, and enforce least‑privilege access.
  • Monitor and audit web interface logs for unusual file upload activity and command execution patterns, and correlate with known malicious IP addresses or user behavior.

Advisories

No advisories yet.

History

Tue, 10 Mar 2026 20:15:00 +0000

Type | Values Removed | Values Added
CPEs | | cpe:2.3:a:cisco:meeting_management:*:*:*:*:*:*:*:*

Thu, 05 Feb 2026 11:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Cisco; Cisco meeting Management
Vendors & Products | | Cisco; Cisco meeting Management

Wed, 04 Feb 2026 17:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 04 Feb 2026 16:30:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in certain sections of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload arbitrary files to the affected system. The malicious files could overwrite system files that are processed by the root system account and allow arbitrary command execution with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of video operator.
Title | | Cisco Meeting Management Arbitrary File Upload Vulnerability
Weaknesses | | CWE-434
References | |
Metrics | | cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Subscriptions

Cisco Meeting Management
MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-02-26T15:04:20.557Z

Reserved: 2025-10-08T11:59:15.369Z

Link: CVE-2026-20098

Vulnrichment

Updated: 2026-02-04T16:39:40.706Z

NVD

Status: Analyzed

Published: 2026-02-04T17:16:14.107

Modified: 2026-03-10T20:14:59.117

Link: CVE-2026-20098

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T23:30:15Z

Weaknesses