CVE-2020-26085 CRITICAL

CVE-2020-26085: Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Vendor Cisco
Product Cisco Jabber
Weakness CWE-201
Published January 6, 2021
Last update November 12, 2024

CVSS base score

9.9/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vulnerabilities, see the Details section of this advisory.

Key dates

02Disclosure timeline

January 6, 2021 CVE published
November 12, 2024 Record updated