CVE-2026-20098 – Cisco Meeting Management Arbitrary File Upload Vulnerability

CVSS 8.8 IMPORTANT

“A low-privileged user can turn a simple file upload into full root control of the system.”

This patch addresses a high-severity vulnerability (CVE-2026-20098) in Cisco Meeting Management (CMM). The issue exists in the Certificate Management component of the web-based management interface, where improper input validation allows an authenticated attacker to upload arbitrary files to the system. A successful exploit enables the attacker to overwrite files that are processed by the root system account, leading to command execution and full system compromise.

An attacker with valid credentials and at least the video operator role can exploit the vulnerability by sending a crafted HTTP request to the vulnerable interface. Once the malicious file is uploaded, it can overwrite system files or inject commands that execute with root-level privileges, putting the system's confidentiality, integrity, and availability at risk. CVE-2026-20098 carries a CVSS v3.1 score of 8.8 (High).

Cisco released a software update that resolves the vulnerability by correcting the input validation in the affected interface. The flaw affects Cisco Meeting Management versions 3.12 and earlier, and it is fixed in version 3.12.1. There are no available workarounds, making patching the only effective remediation.
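The advisory does not describe how the fix validates input, so the following is an added illustration of CWE-434 hardening for a certificate upload handler in general, not Cisco's code. All names, the size limit, and the sample input are assumptions made for this example: the handler accepts only a single well-formed PEM certificate, never uses a client-supplied filename, and never overwrites an existing file.

```python
import base64, hashlib, os, re

MAX_UPLOAD_BYTES = 64 * 1024  # assumed limit, not a value from the advisory
PEM_RE = re.compile(rb"\A\s*-----BEGIN CERTIFICATE-----\r?\n([A-Za-z0-9+/=\r\n]+)"
                    rb"-----END CERTIFICATE-----\s*\Z")
# Constructed sample: PEM framing around a 5-byte DER SEQUENCE, not a real certificate.
CONSTRUCTED_PEM = b"-----BEGIN CERTIFICATE-----\nMAMCAQE=\n-----END CERTIFICATE-----\n"

class RejectedUpload(ValueError):
    """Upload failed validation and was not written to disk."""

def _is_single_der_sequence(der: bytes) -> bool:
    # Structural check only: exactly one DER SEQUENCE with no trailing bytes.
    if len(der) < 2 or der[0] != 0x30:
        return False
    if der[1] < 0x80:                       # short-form length
        header, length = 2, der[1]
    else:                                   # long-form length
        n = der[1] & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            return False
        header, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return header + length == len(der)

def validate_certificate_upload(data: bytes) -> bytes:
    """Return the DER bytes if data is one PEM certificate, else raise."""
    if len(data) > MAX_UPLOAD_BYTES:
        raise RejectedUpload("upload too large")
    m = PEM_RE.match(data)
    if not m:
        raise RejectedUpload("not exactly one PEM certificate block")
    try:
        der = base64.b64decode(b"".join(m.group(1).split()), validate=True)
    except ValueError:
        raise RejectedUpload("invalid base64 body") from None
    if not _is_single_der_sequence(der):
        raise RejectedUpload("body is not a single DER structure")
    return der

def store_certificate(data: bytes, dest_dir: str) -> str:
    der = validate_certificate_upload(data)
    # Server-chosen, content-derived name: no client filename reaches the path.
    path = os.path.join(dest_dir, hashlib.sha256(der).hexdigest() + ".pem")
    pem = base64.encodebytes(der)           # write re-encoded bytes, not raw input
    try:                                    # O_EXCL: never overwrite an existing file
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o640)
    except FileExistsError:
        return path
    with os.fdopen(fd, "wb") as f:
        f.write(b"-----BEGIN CERTIFICATE-----\n" + pem + b"-----END CERTIFICATE-----\n")
    return path
```

The DER check here is structural only; a production handler would also parse the upload with an X.509 library and run the storing process without root privileges.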

Key Details

Affected Product: Cisco Meeting Management
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-434