What is CVE-2025-20329?

CVE-2025-20329 is a medium-severity vulnerability in Cisco Roomos Software, classified under Insertion of Sensitive Information into Log File. CVSS score: 4.9/10. Published 2025-10-15.

How severe is CVE-2025-20329?

Medium severity. CVSS v3 base score is 4.9 out of 10.

Is CVE-2025-20329 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Information disclosure in Cisco Roomos Software

CVE-2025-20329

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploi…

EPSS: 0.001 (16.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.9 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N.

Affected products

Cisco Roomos Software — versions RoomOS 10.11.2.2, RoomOS 10.15.2.2, RoomOS 11.5.4.6

Weakness classification (CWE)

CWE-532 — Insertion of Sensitive Information into Log File

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

cisco-sa-roomos-inf-disc-qGgsbxAm

Frequently asked questions

What is CVE-2025-20329?: CVE-2025-20329 is a medium-severity vulnerability in Cisco Roomos Software, classified under Insertion of Sensitive Information into Log File. CVSS score: 4.9/10. Published 2025-10-15.
How severe is CVE-2025-20329?: Medium severity. CVSS v3 base score is 4.9 out of 10.
Is CVE-2025-20329 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.