Cisco Meeting Management vulnerability could allow attackers to gain administrator privileges

A new vulnerability has been discovered in Cisco Meeting Management that could allow attackers to gain administrator privileges within the system.

This vulnerability is tracked as CVE-2025-20156 and stems from insufficient enforcement of authorization for REST API users in Cisco Meeting Management.

To exploit the vulnerability, attackers can send specially crafted requests via the REST API to a specific endpoint. If the attack is successful, they can gain administrator privileges, granting them full control over edge nodes managed by Cisco Meeting Management.

This vulnerability is considered critical because attackers with administrator privileges can control all system activities, access confidential data, and deploy malicious programs. However, it is worth noting that only authenticated users with existing access to the system can exploit this vulnerability, which limits its overall impact.

Which Versions of Cisco Meeting Management Are Affected?

The vulnerability affects all versions of Cisco Meeting Management prior to version 3.9.1. Specifically:

  • Versions 3.9 and earlier: Vulnerable.
  • Versions 3.9.1 and 3.10: The vulnerability has been patched.
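
As an added example (not Cisco tooling and not code from this article), the version rule above can be applied to an asset inventory; the CSV layout and hostnames are constructed for illustration. It compares versions numerically, because a plain string comparison would rank 3.10 below 3.9.1 and mislabel a patched system.

```python
import csv
import io

FIXED = (3, 9, 1)  # first fixed release named in this article

def parse_version(text):
    """Turn '3.9', '3.9.1' or '3.10' into a comparable 3-tuple of ints."""
    parts = text.strip().lstrip("vV").split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))  # '3.9' -> (3, 9, 0)

def triage(inventory_csv):
    """Return {host: 'vulnerable' | 'patched' | 'unknown'} for a host,version CSV."""
    result = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        try:
            version = parse_version(row.get("version") or "")
        except ValueError:
            # Never assume a host is patched when its version cannot be read.
            result[row["host"]] = "unknown"
            continue
        result[row["host"]] = "vulnerable" if version < FIXED else "patched"
    return result

# Constructed sample inventory (hypothetical hostnames and layout).
SAMPLE = """host,version
cmm-lab-01,3.9
cmm-lab-02,3.9.1
cmm-lab-03,3.10
cmm-lab-04,3.8.2
cmm-lab-05,unknown
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` should be checked by hand rather than treated as patched.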

Recommendations for Mitigating the Vulnerability:

Cisco has released free software updates to address this issue. All users are strongly advised to:

  1. Update the software. Immediately upgrade Cisco Meeting Management to version 3.9.1 or later.
  2. Verify technical requirements. Ensure that your devices meet minimum memory and hardware requirements before upgrading.
  3. Monitor security updates. Regularly review security advisories released by Cisco to protect all products in use.
  4. Educate staff. Conduct regular training to inform users about cybersecurity risks and best practices.

Important: There are no workarounds available for this vulnerability. Installing the official update from Cisco is the only way to mitigate the risk.

Cisco’s Product Security Incident Response Team (PSIRT) has confirmed that, as of now, this vulnerability has not been exploited in real-world attacks. It was discovered during internal security testing, highlighting Cisco’s proactive approach to identifying and addressing potential threats.

Conclusion:

Organizations using Cisco Meeting Management should apply the necessary updates as quickly as possible. Timely updates not only protect data but also help keep systems operating reliably. As technology develops rapidly and new threats emerge, regular system updates and stronger security policies are essential measures.

Take action today to protect your network — update your systems and ensure security on time!
