CVE-2022-20793

6.8 MEDIUM

📋 TL;DR

This vulnerability allows an unauthenticated remote attacker to impersonate a legitimate Cisco Touch 10 device during the pairing process, enabling unauthorized access to affected TelePresence systems. It affects Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices. The vulnerability stems from insufficient identity verification during device pairing.

💻 Affected Systems

Products:
  • Cisco TelePresence CE Software
  • Cisco RoomOS Software for Cisco Touch 10 Devices
Versions: All versions prior to the fixed releases
Operating Systems: RoomOS, TelePresence CE
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Cisco Touch 10 devices using vulnerable software versions; requires devices to be in pairing mode or initiating pairing.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker gains full control of the Touch 10 device, potentially accessing sensitive meeting information, intercepting communications, or using it as a foothold to attack other systems on the network.

🟠 Likely Case

Unauthorized pairing allows the attacker to control the Touch 10 interface, potentially disrupting meetings, accessing limited device functions, or performing reconnaissance.

🟢 If Mitigated

With proper network segmentation and monitoring, impact is limited to the Touch 10 device itself without lateral movement to other systems.

🌐 Internet-Facing: MEDIUM - While the vulnerability requires proximity to the pairing broadcast, internet-facing devices could be targeted if attackers gain network access.
🏢 Internal Only: HIGH - Internal attackers or compromised internal systems can easily exploit this vulnerability without authentication requirements.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires responding to pairing broadcasts; no authentication needed; attacker must be on the same network segment.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Cisco Security Advisory for specific fixed versions

Vendor Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-IVV-4A66Dsfj

Restart Required: Yes

Instructions:

1. Access Cisco Software Center
2. Download the appropriate fixed software version
3. Upload it to the affected device
4. Install the update
5. Reboot the device

🧯 If You Can't Patch

  • Segment Touch 10 devices on isolated VLANs
  • Disable unnecessary pairing features when not in use
  • Implement network access control to restrict device communication
  • Monitor for unauthorized pairing attempts

🔍 How to Verify

Check if Vulnerable:

Check software version on Touch 10 device via web interface or SSH; compare against fixed versions in Cisco advisory.

Check Version:

ssh admin@device-ip 'xCommand SystemUnit Software Show' or check via web interface

Verify Fix Applied:

Verify installed software version matches or exceeds fixed version listed in Cisco advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected pairing events
  • Multiple failed pairing attempts
  • Pairing from unknown MAC addresses

Network Indicators:

  • Unusual pairing protocol traffic
  • Pairing broadcasts from unexpected sources

SIEM Query:

source="touch10-device" AND event_type="pairing" AND result!="success" | stats count by src_mac
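An offline equivalent of the SIEM query above, added here as an example and not part of the original advisory: it parses pairing events, counts non-success results per source MAC, and flags sources that are absent from a known-device inventory or that exceed a retry threshold (the "unknown MAC" and "multiple failed attempts" indicators listed above). The key=value log layout, the inventory set and the threshold are all assumptions; real Touch 10 / RoomOS syslog fields will differ, so `parse_line()` is the part to adapt.

```python
# Added example: stand-alone detection logic mirroring the SIEM query
#   source="touch10-device" AND event_type="pairing" AND result!="success" | stats count by src_mac
# Log format below is constructed for illustration, not a real RoomOS log format.
import re
from collections import Counter

# Constructed sample log lines (one per line, key=value fields after the timestamp).
SAMPLE_LOGS = """\
2023-05-01T10:00:01Z source=touch10-device event_type=pairing src_mac=00:11:22:33:44:55 result=success
2023-05-01T10:00:05Z source=touch10-device event_type=pairing src_mac=de:ad:be:ef:00:01 result=failure
2023-05-01T10:00:06Z source=touch10-device event_type=pairing src_mac=de:ad:be:ef:00:01 result=failure
2023-05-01T10:00:07Z source=touch10-device event_type=pairing src_mac=de:ad:be:ef:00:01 result=rejected
2023-05-01T10:00:09Z source=touch10-device event_type=heartbeat src_mac=00:11:22:33:44:55 result=success
2023-05-01T10:00:12Z source=codec event_type=pairing src_mac=aa:bb:cc:dd:ee:ff result=failure
2023-05-01T10:00:15Z source=touch10-device event_type=pairing src_mac=aa:bb:cc:dd:ee:ff result=failure
"""

# Constructed asset inventory: MACs of Touch 10 panels that are expected to pair.
KNOWN_TOUCH10_MACS = {"00:11:22:33:44:55"}

# Matches key=value pairs; values may be double-quoted if they contain spaces.
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_line(line):
    """Split one log line into a dict of fields; the leading token is the timestamp."""
    ts, _, rest = line.partition(" ")
    fields = {k: v.strip('"') for k, v in KV_RE.findall(rest)}
    fields["timestamp"] = ts
    return fields


def failed_pairings_by_mac(log_text, source="touch10-device"):
    """Count pairing events whose result is not 'success', grouped by src_mac.

    This is the same filter as the SIEM query: source match, event_type=pairing,
    result != success, then stats count by src_mac.
    """
    counts = Counter()
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        if ev.get("source") != source:
            continue
        if ev.get("event_type") != "pairing":
            continue
        if ev.get("result") == "success":
            continue
        counts[ev.get("src_mac", "unknown")] += 1
    return dict(counts)


def suspicious_pairing_sources(log_text, threshold=2, known_macs=KNOWN_TOUCH10_MACS):
    """Return (mac, failed_count, reason) tuples worth an analyst's attention.

    A source is flagged if its MAC is not in the inventory, or if it produced
    at least `threshold` failed pairing attempts (threshold is an assumption).
    """
    findings = []
    for mac, n in sorted(failed_pairings_by_mac(log_text).items()):
        reasons = []
        if mac not in known_macs:
            reasons.append("unknown MAC")
        if n >= threshold:
            reasons.append(f"{n} failed attempts")
        if reasons:
            findings.append((mac, n, ", ".join(reasons)))
    return findings


if __name__ == "__main__":
    for mac, n, why in suspicious_pairing_sources(SAMPLE_LOGS):
        print(f"{mac}: {n} non-success pairing event(s) ({why})")
```

Note that events from `source=codec` are dropped by the `source` filter, exactly as the SIEM query would drop them; if the codec also logs pairing attempts in your environment, widen that filter rather than relying on the panel alone.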
