Cisco has actually divulged a high intensity defect that can be manipulated to execute remote code implementation and also DoS assaults on IP phones.

Cisco has actually divulged a high intensity susceptability, tracked as CVE-2022-20968, influencing the IP Phone 7800 and also 8800 Collection (omitting the Cisco Wireless IP Phone 8821). An unauthenticated, adjoining aggressor can activate the defect, creating a pile overflow on a damaged gadget, bring about remote code implementation and also denial-of-service (DoS) assaults.

The susceptability results from inadequate input recognition of obtained Cisco Exploration Procedure packages.

An aggressor can manipulate this defect by sending out particularly crafted Cisco Exploration Procedure packages to a damaged gadget.

“A susceptability in Cisco IP Phone 7800 and also 8800 Collection firmware’s Cisco Exploration Procedure handling can enable an unauthenticated, adjoining aggressor to create a pile overflow on a damaged gadget.” reviews the consultatory provided by the firm. “This susceptability results from inadequate access recognition of obtained Cisco Exploration Procedure packages. An aggressor can manipulate this susceptability by sending out crafted Cisco Exploration Procedure web traffic to a damaged gadget. An effective manipulate would certainly create a pile overflow for the aggressor to create a feasible remote code implementation or can cause a rejection of solution (DoS) circumstance.”

The Cisco Item Protection Case Feedback Group (PSIRT) recognizes the presence of a proof-of-concept manipulate code for this susceptability.

“Cisco PSIRT understands that proof-of-concept manipulate code exists for the susceptability defined in this consultatory which this susceptability has actually been talked about openly.” proceeds the record. “Cisco PSIRT is not knowledgeable about any kind of harmful use the susceptability defined in this advisory.”

The IT large strategies to repair this defect in January 2023.

According to the consultatory, there is no workaround yet, the supplier has actually just given reduction for this concern. The firm advises disabling Cisco Exploration Procedure on damaged IP Phones that likewise sustain Web link Layer Exploration Procedure (LLDP) for next-door neighbor exploration. Instruments can after that utilize voice VLAN, power arrangement, and so on. It makes use of LLDP for exploration of arrangement information such as

“While this reduction has actually been carried out and also verified to be effective in an examination atmosphere, clients need to establish stability and also efficiency in their atmosphere and also utilize instance. Clients think that any kind of workaround or reduction carried out will negatively impact the performance or efficiency of their networks based upon their inner consumer release situations and also constraints. He must understand that it can impact him.” finishes the examination. “Clients need to not apply any kind of workarounds or reductions prior to initial assessing applicability and also any kind of influence to their atmosphere.”

The susceptability was reported by Qian Chen of Codesafe Group of Legendsec at QI-ANXIN Team.

Follow me on Twitter: @security jobs and also Facebook and also Mastodon

Pierluigi Paganini

(Security Affairs hacking, IP phones)





#Cisco #discloses #flaw #affecting #Phone #SeriesSecurity #Affairs

Leave a Reply

Your email address will not be published. Required fields are marked *