CVE-2026-20157

Summary

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.

The vulnerabilities tracked by CVE-2026-20157 are related to missing encryption that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-311.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco RoomOS SoftwareRoomOS 10.11.2.2affected
CiscoCisco RoomOS SoftwareRoomOS 10.15.2.2affected
CiscoCisco RoomOS SoftwareRoomOS 11.5.4.6affected
CiscoCisco RoomOS SoftwareRoomOS 11.5.2.4affected
CiscoCisco RoomOS SoftwareRoomOS 10.8.2.5affected
CiscoCisco RoomOS SoftwareRoomOS 10.11.5.2affected
CiscoCisco RoomOS SoftwareRoomOS 10.11.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 10.15.5.3affected
CiscoCisco RoomOS SoftwareRoomOS 10.19.2.2affected
CiscoCisco RoomOS SoftwareRoomOS 11.1.3.1affected
CiscoCisco RoomOS SoftwareRoomOS 10.11.6.0affected
CiscoCisco RoomOS SoftwareRoomOS 10.19.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 10.19.4.2affected
CiscoCisco RoomOS SoftwareRoomOS 10.3.2.4affected
CiscoCisco RoomOS SoftwareRoomOS 10.3.4.0affected
CiscoCisco RoomOS SoftwareRoomOS 10.15.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.1.4.1affected
CiscoCisco RoomOS SoftwareRoomOS 11.14.2.3affected
CiscoCisco RoomOS SoftwareRoomOS 11.1.2.4affected
CiscoCisco RoomOS SoftwareRoomOS 10.8.3.1affected
CiscoCisco RoomOS SoftwareRoomOS 11.14.2.1affected
CiscoCisco RoomOS SoftwareRoomOS 10.3.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 10.8.4.0affected
CiscoCisco RoomOS SoftwareRoomOS 10.15.4.1affected
CiscoCisco RoomOS SoftwareRoomOS 10.19.5.6affected
CiscoCisco RoomOS SoftwareRoomOS 10.11.4.1affected
CiscoCisco RoomOS SoftwareRoomOS 11.9.3.1affected
CiscoCisco RoomOS SoftwareRoomOS 11.5.3.3affected
CiscoCisco RoomOS SoftwareRoomOS 10.3.2.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.9.2.4affected
CiscoCisco RoomOS SoftwareRoomOS 11.14.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.17.2.2affected
CiscoCisco RoomOS SoftwareRoomOS 11.14.4.0affected
CiscoCisco RoomOS SoftwareRoomOS 10.19 StepUpgaffected
CiscoCisco RoomOS SoftwareRoomOS 11.17.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.20.2.3affected
CiscoCisco RoomOS SoftwareRoomOS 11.14.5.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.17.4.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.20.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.23.1.6affected
CiscoCisco RoomOS SoftwareRoomOS 11.23.1.8affected
CiscoCisco RoomOS SoftwareRoomOS 11.24.1.5affected
CiscoCisco RoomOS SoftwareRoomOS 11.24.2.4affected
CiscoCisco RoomOS SoftwareRoomOS 11.24.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.24.4.1affected
CiscoCisco RoomOS SoftwareRoomOS 11.27.2.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.28.1.3affected
CiscoCisco RoomOS SoftwareRoomOS 11.27.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.31.1.5affected
CiscoCisco RoomOS SoftwareRoomOS 11.27.4.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.32.2.1affected
CiscoCisco RoomOS SoftwareRoomOS 11.33.1.7affected
CiscoCisco RoomOS SoftwareRoomOS 26.0.1.2affected
CiscoCisco RoomOS SoftwareRoomOS 11.34.1.2affected
CiscoCisco RoomOS SoftwareRoomOS 11.32.3.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.27.5.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.32.4.0affected
CiscoCisco RoomOS SoftwareRoomOS 26.1.1.5affected
CiscoCisco RoomOS SoftwareRoomOS 11.35.1.2affected
CiscoCisco RoomOS SoftwareRoomOS 26.2.2.2affected
CiscoCisco RoomOS SoftwareRoomOS 11.32.5.1affected
CiscoCisco RoomOS SoftwareRoomOS 26.4.1.6affected
CiscoCisco RoomOS SoftwareRoomOS 26.4.1.4affected
CiscoCisco RoomOS SoftwareRoomOS 26.3.1.3affected
CiscoCisco RoomOS SoftwareRoomOS 11.36.1.1affected
CiscoCisco RoomOS SoftwareRoomOS 11.37.1.0affected
CiscoCisco RoomOS SoftwareRoomOS 26.5.2.0affected
CiscoCisco RoomOS SoftwareRoomOS 11.38.1.1affected

Weaknesses

  • CWE-311: Missing Encryption of Sensitive Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References