Home

CVE-2020-26085

Description

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information. For more information about these vulnerabilities, see the Details section of this advisory.

Risk Information

Base Score
9.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.733

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2020-26085 are affected in Cisco Jabber 12.1.3Windows
Vulnerabilities CVE-2020-26085 are affected in Cisco Jabber 12.5.2Windows
Vulnerabilities CVE-2020-26085 are affected in Cisco Jabber 12.6.3Windows
Vulnerabilities CVE-2020-26085 are affected in Cisco Jabber 12.7.2Windows
Vulnerabilities CVE-2020-26085 are affected in Cisco Jabber 12.8.3Windows
Vulnerabilities CVE-2020-26085 are affected in Cisco Jabber 12.9.1Windows
Vulnerabilities CVE-2020-26085 are affected in Cisco Jabber 12.9.2Windows
Cisco Jabber Desktop and Mobile Client Software Vulnerabilities For Cisco JabberNCM
Cisco Jabber Desktop and Mobile Client Software Vulnerabilities For Cisco Jabber for WindowsNCM
Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability (CVE-2020-26085)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1705811Security Update for Cisco Jabber for Windows 11.6(1.38147)
PATCH-350863Cisco Jabber (15.1.1) (Manual Upload Required)
PATCH-350863Cisco Jabber (15.1.1) (Manual Upload Required)
PATCH-350863Cisco Jabber (15.1.1) (Manual Upload Required)
PATCH-350863Cisco Jabber (15.1.1) (Manual Upload Required)
PATCH-350863Cisco Jabber (15.1.1) (Manual Upload Required)
PATCH-350863Cisco Jabber (15.1.1) (Manual Upload Required)
PATCH-350863Cisco Jabber (15.1.1) (Manual Upload Required)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234