Cisco recently addressed a severe vulnerability in its IP Phone firmware that could allow remote code execution (RCE) or denial-of-service (DoS) attacks. The vendor confirmed having detected PoC exploits for the stack overflow in its IP Phone 7800 and 8800 Series firmware.
Cisco IP Phone RCE Vulnerability Received A Fix
Sharing the details in a recent advisory, Cisco highlighted a high-severity vulnerability affecting its IP Phone 7800 and 8800 Series.
As explained, the vulnerability specifically affected the Cisco Discovery Protocol processing feature of the Cisco IP Phones. The bug appeared due to insufficient input validation of the incoming Cisco Discovery Protocol packets.
Consequently, it allowed an unauthenticated adversary to send maliciously crafted Cisco Discovery Protocol packets to the target devices to induce a stack overflow. As a result, the attacker could trigger a denial of service or conduct RCE attacks on the target devices.
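The kind of input validation whose absence leads to this class of bug, as an added example (not Cisco's code): a bounds-checked walk over the TLVs of a Cisco Discovery Protocol packet. The advisory does not say which field is affected, so the Device ID TLV, the 64-byte destination buffer and the function name are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CDP_HDR_LEN       4       /* version, TTL, 16-bit checksum */
#define CDP_TLV_HDR       4       /* 16-bit type, 16-bit length */
#define CDP_TLV_DEVICE_ID 0x0001
#define DEVICE_ID_MAX     64      /* assumed size of the fixed destination buffer */

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Walk every TLV and copy the Device ID into out (NUL-terminated).
 * Returns the number of TLVs parsed, or -1 if the packet is malformed.
 * The checksum is not verified here; only lengths are validated. */
int cdp_parse_device_id(const uint8_t *pkt, size_t len, char out[DEVICE_ID_MAX])
{
    size_t off = CDP_HDR_LEN;
    int count = 0;

    out[0] = '\0';
    if (pkt == NULL || len < CDP_HDR_LEN)
        return -1;

    while (off < len) {
        if (len - off < CDP_TLV_HDR)
            return -1;                          /* truncated TLV header */
        uint16_t type = be16(pkt + off);
        size_t tlv_len = be16(pkt + off + 2);   /* includes the 4-byte header */
        if (tlv_len < CDP_TLV_HDR || tlv_len > len - off)
            return -1;                          /* length field disagrees with the data */
        size_t val_len = tlv_len - CDP_TLV_HDR;
        if (type == CDP_TLV_DEVICE_ID) {
            if (val_len >= DEVICE_ID_MAX)
                return -1;                      /* would overflow the fixed buffer */
            memcpy(out, pkt + off + CDP_TLV_HDR, val_len);
            out[val_len] = '\0';
        }
        off += tlv_len;
        count++;
    }
    return count;
}
```

Every length is checked against the bytes actually received before any copy, and the copy is additionally capped by the destination size, so a packet that misstates a TLV length is rejected instead of overrunning the buffer.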
This vulnerability, CVE-2022-20968, received a high-severity rating with a CVSS score of 8.1. Cisco confirmed that PoC exploit code for the flaw is publicly available. However, it did not detect any malicious exploitation before releasing the vulnerability fix.
According to the timeline shared in the advisory, Cisco first disclosed this vulnerability in December 2022. However, it took the firm months to patch the vulnerability, releasing the fix only now.
The vulnerable devices include IP Phone 7800 Series and IP Phone 8800 Series (except Cisco Wireless IP Phone 8821) running the IP Phone firmware version 14.2 and earlier. Cisco released the patch with IP Phone firmware release 14.2(1) for the respective devices. It also credited Qian Chen of the Codesafe Team of Legendsec at QI-ANXIN Group for reporting this flaw to Cisco.
While the updates would automatically reach the relevant Cisco IP Phone users, users must check for any updates manually to make sure they receive the patch in time. Moreover, since Cisco confirmed that there are no workarounds for the vulnerability, updating the vulnerable devices as early as possible is even more critical.