Cisco, F5 Patch High-Severity Vulnerabilities-Information Security Announcement-Tainan Branch, Administrative Enforcement Agency, Ministry of Justice

:::

Cisco, F5 Patch High-Severity Vulnerabilities

Publication Date ： 2026-02-10
Last updated：2026-02-10
View count：4

Cisco and F5 this week released patches for multiple vulnerabilities across their products, including high-severity issues leading to denial-of-service (DoS) conditions, command execution, and privilege escalation.

Cisco rolled out fixes for five security defects, including two high-severity bugs in TelePresence Collaboration Endpoint (CE) and RoomOS software, and Meeting Management.

The first, tracked as CVE-2026-20119, can be exploited remotely without authentication or user interaction to cause a DoS condition by sending a crafted meeting invitation to a vulnerable appliance.

Cisco fixed the flaw in TelePresence CE Software and RoomOS software versions 11.27.5.0 and 11.32.3.0.

The second vulnerability, tracked as CVE-2026-20098 and resolved in Meeting Management version 3.12.1 MR, exists because the web management interface fails to properly validate user input, allowing authenticated attackers to send crafted requests.

Successful exploitation of the bug allows attackers with at least the role of video operator to upload arbitrary files, including system files processed by the root account, thus leading to command execution with root privileges.