THREAT OPS › Threat News › Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability
Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability
<p>A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of <em>Agent</em>.</p> <p>This vulnerability is due to inadequate validation of file contents during file upload operati
MITRE ATT&CK techniques
- CredentialsT1589.001
Indicators of compromise
- CVE-2026-20172cve