Sunday, May 4, 2025
HomeCyber Security NewsCisco IP Phone Vulnerability Let Unauthenticated Attacker Execute Remote Code

Cisco IP Phone Vulnerability Let Unauthenticated Attacker Execute Remote Code

Published on

SIEM as a Service

Follow Us on Google News

Cisco has uncovered a high-severity vulnerability affecting its IP Phone 7800 and 8800 Series, tracked as CVE-2022-20968 (except Cisco Wireless IP Phone 8821). 

An unauthenticated, adjacent attacker might exploit the flaw to cause a stack overflow on an affected device, which can result in remote code execution and denial of service (DoS) attacks.

This vulnerability exists, due to inadequate input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device.

- Advertisement - Google News

“A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device”, reads the advisory published by the company.

The vulnerability was reported to Cisco by Qian Chen of the Codesafe Team of Legendsec at QI-ANXIN Group.

Products Affected

The following Cisco products are vulnerable to this flaw:

  • IP Phone 7800 Series
  • IP Phone 8800 Series (except Cisco Wireless IP Phone 8821)

There are no workarounds that address this vulnerability.

Mitigations That Address This Vulnerability

Cisco Discovery Protocol can be disabled on impacted IP Phone 7800 and 8800 Series devices by administrators.

Then, for the purpose of discovering configuration information such as voice VLAN, power negotiation, and so forth, devices will employ LLDP.

The enterprise will need to remain cautious in determining the best method to implement it within their organisation as well as any potential effects on devices.

Cisco said customers should assess the applicability and efficacy in their own environments and usage circumstances. Also, customers need to be aware that, due to inherent customer deployment scenarios and limits, any workaround or mitigation they attempt may adversely affect the functionality or performance of their network.

It is also important to assess any workarounds or mitigations for their individual environments and any potential effects before deploying them. 

Cisco claims that a patch will be available in January 2023 but has not yet published any security upgrades to address this flaw.

Secure Web Gateway – Web Filter Rules, Activity Tracking & Malware Protection – Download Free E-Book

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting...

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the...

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool...

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting...

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the...

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool...