
Cisco Meeting Server vulnerable, patch needed

Cisco has fixed a critical vulnerability in its Meeting Management tool for the video conferencing platform Meeting Server. This vulnerability potentially offered cybercriminals admin rights.

Cisco fixed the vulnerability, tracked as CVE-2025-20156, following a report from bug hunter Ben Leonard-Lagarde of UK-based Modux. The flaw involved incorrect authorization for REST API users in the on-premises video conferencing solution Cisco Meeting Server.

Attack path

The vulnerability was easy to exploit. Cybercriminals with low privileges could send API requests to a specific endpoint. Through privilege escalation, they could then gain admin rights to the edge nodes of the Cisco Meeting Server infrastructure, which are managed through the management tool. This provided opportunities to penetrate further into the corporate network.

Urgent patching required

This vulnerability is serious because almost all versions of Cisco Meeting Management are vulnerable. According to Cisco, device configuration makes no difference. No workaround is available, but a patch has now been released and users are strongly advised to install it.

  • Versions 3.8 and earlier: Users should migrate to a patched version.
  • Version 3.9: Users should upgrade to version 3.9.1.
  • Version 3.10: Users do not need to do anything; this version is not vulnerable.

It is currently unknown if the vulnerability has already been actively exploited.
