Cisco Patches Critical RCE Vulnerability in IP Phones

March 1, 2023

Cisco has released security updates to address a critical security vulnerability (CVE-2023-20078) found in the Web UI of multiple IP Phone models. Unauthenticated and remote attackers can exploit the vulnerability in remote code execution (RCE) attacks. According to Cisco, "A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device." The company also disclosed a second high-severity vulnerability (CVE-2023-20079) that can be abused to trigger denial-of-service (DoS) conditions.

The list of affected devices includes Cisco IP Phone 6800, 7800, and 8800 series devices with Multiplatform Firmware (vulnerable to both RCE and DoS attacks), and the Unified IP Conference Phone 8831, Unified IP Conference Phone 8831 with Multiplatform Firmware, and Unified IP Phone 7900 Series (only vulnerable to DoS attacks). Cisco has not yet released a security update for a high-severity zero-day vulnerability (CVE-2022-20968) with public exploit code found in the Cisco Discovery Protocol (CDP) processing feature of Cisco IP Phones running 7800 and 8800 Series firmware. However, admins are advised to disable CDP on affected IP Phone devices supporting Link Layer Discovery Protocol (LLDP) to remove the attack vector.

"Cisco Unified IP Phone 7900 Series and Cisco Unified IP Conference Phone 8831 have entered the end-of-life process," Cisco said. Zack Sanchez of the Cisco Advanced Security Initiatives Group (ASIG) discovered the security vulnerabilities during internal security testing. "A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device," Cisco said.

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.