Path traversal in Cisco TelePresence Collaboration Endpoint, TelePresence Codec and RoomOS

Published: 2020-01-27
Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2020-3143
Exploitation vector Network
Public exploit N/A
Vulnerable software
Cisco TelePresence Collaboration Endpoint (CE)
Hardware solutions / Office equipment, IP-phones, print servers

Cisco TelePresence Codec (TC)
Server applications / Conferencing, Collaboration and VoIP solutions

Cisco RoomOS
Operating systems & Components / Operating system

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Path traversal

EUVDB-ID: #VU24664

Risk: High


CVE-ID: CVE-2020-3143

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No


The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in the video endpoint API. A remote authenticated attacker can send a specially crafted HTTP request and read and write arbitrary files on the system.

This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco TelePresence CE Software, Cisco TC Software, or Cisco RoomOS Software:

  • Cisco TelePresence Integrator C Series
  • Cisco TelePresence MX Series
  • Cisco TelePresence SX Series
  • Cisco TelePresence System EX Series
  • Cisco Webex Board
  • Cisco Webex DX Series
  • Cisco Webex Room Series


Install update from vendor's website.

Vulnerable software versions

Cisco TelePresence Collaboration Endpoint (CE): 8.3.5 - 9.4.0

Cisco TelePresence Codec (TC): 7.0.1 - 7.3.19

Cisco RoomOS: before Januray Drop 1 2020

CPE2.3 External links

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?