Cisco Releases Security Advisory for Cisco IP Phones

Exploitation of the vulnerabilities could allow an attacker to create a DoS condition, record user credentials, replay VOIP calls, or initiate calls on the device

Threat details

Introduction

Cisco has released a security advisory to address three vulnerabilities in four IP Phone product lines.

The vulnerability known as CVE-2024-20376 has a CVSSv3 score of 7.5 and is in the web-based management interface of the IP Phone firmware. Exploitation of this vulnerability could allow a remote, unauthenticated attacker to force the device to reload by sending a crafted request, resulting in denial-of-service (DoS).

The vulnerability known as CVE-2024-20378 has a CVSSv3 score of 7.5 and is in the web-based management interface of the IP Phone firmware. Exploitation of this vulnerability could allow a remote, unauthenticated attacker to connect to the device and retrieve sensitive information, including user credentials and traffic to and from the affected device, such as VoIP calls that could be replayed.

The vulnerability known as CVE-2024-20357 has a CVSSv3 score of 5.3 and is in the Extensible Markup Language (XML) service of the IP Phone firmware. Exploitation of this vulnerability could allow a remote, unauthenticated attacker to initiate calls or play sounds on the device.


Remediation advice

Affected organisations are encouraged to review the Cisco advisory cisco-sa-ipphone-multi-vulns-cXAhCvS and apply the relevant updates.

Last edited: 2 May 2024 2:25 pm