Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability Advisory ID: cisco-sa-tce-roomos-dos-9V9jrC2q First Published: 2026 February 4 16:00 GMT Severity: High CVSS Score: Base 7.5 CWE: CWE-1287 Cisco Bug IDs: CSCws04170 Workarounds: No workarounds available Summary A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software allows an unauthenticated, remote attacker to cause a Denial of Service (DoS) condition on an affected device. The attacker can exploit this by causing the device to render crafted text, such as a meeting invitation, without user interaction. Cisco has released software updates to address this vulnerability. Affected Products Vulnerable Products: Cisco TelePresence CE Software and Cisco RoomOS Software, regardless of device configuration. Products Confirmed Not Vulnerable: None Workarounds No workarounds are available. Fixed Software Customers are advised to upgrade to a fixed software release as indicated in the table below. Exploitation and Public Announcements No public announcements or malicious use of the vulnerability have been observed. Source This vulnerability was found during internal security testing.