CVE-2026-20172 | Cisco Enterprise Chat and Email up to 15.0(1)_ET1 Lite Agent Feature reliance on file name or extension of externally-supplied file (cisco-sa-ece-lite-agent-BCgSN8eb)

Inserito da Angelo Barbosa | Mag 6, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Cisco Enterprise Chat and Email. The affected element is an unknown function of the component Lite Agent Feature. The manipulation leads to reliance on file name or extension of externally-supplied file.

This vulnerability is referenced as CVE-2026-20172. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-20172 | Cisco Enterprise Chat and Email up to 15.0(1)_ET1 Lite Agent Feature reliance on file name or extension of externally-supplied file (cisco-sa-ece-lite-agent-BCgSN8eb)

Post correlati

CVE-2024-12986 | DrayTek Vigor2960/Vigor300B 1.5.1.3/1.5.1.4 Web Management Interface apmcfgupptim session os command injection

CVE-2023-7005 | Sciener TTLock App downgrade (VU#949046)

CVE-2024-36887 | Linux Kernel up to 6.6.30/6.8.9 e1000e usleep_range denial of service (f8a139656c95/950d5226cd6b/387f295cb215)

CVE-2023-32366 | Apple macOS Font File out-of-bounds write