THREATOPS
THREAT OPSThreat News › Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

lowcisco_psirtPublished 2026-05-06

<p>A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of <em>Agent</em>.</p> <p>This vulnerability is due to inadequate validation of file contents during file upload operati

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-lite-agent-BCgSN8eb?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Enterprise%20Chat%20and%20Email%20Lite%20Agent%20File%20Upload%20Vulnerability%26vs_k=1