CVE-2025-20329
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII). Note: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials.
EPSS 0.05% · 16.5th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | telepresence_collaboration_endpoint | 9.0.0.0 |
| Cisco | Cisco RoomOS Software | RoomOS 10.11.2.2, RoomOS 10.15.2.2, RoomOS 11.5.4.6 |
| cisco | roomos | 10.0.0.0 |
Exploit Intelligence
Timeline
- Oct 10, 2024 CVE ID Reserved
- Oct 15, 2025 Coalition ESS Score
- Oct 15, 2025 CVE Published
- Oct 15, 2025 CVE Updated
- Oct 16, 2025 EPSS Score
- Oct 16, 2025 Coalition ESS Score
- Oct 22, 2025 EPSS Score
- Oct 28, 2025 EPSS Score
- Nov 1, 2025 Coalition ESS Score
- Nov 3, 2025 EPSS Score
- Nov 9, 2025 EPSS Score
- Nov 15, 2025 EPSS Score