Monday, January 27, 2025
HomeCiscoCritical Cisco Small Business IP Phone Flaws Exposes Users to Remote Attacks

Critical Cisco Small Business IP Phone Flaws Exposes Users to Remote Attacks

Published on

SIEM as a Service

Follow Us on Google News

Cisco has issued a security advisory warning users of its Small Business SPA300 and SPA500 Series IP Phones about multiple critical vulnerabilities that could allow remote attackers to execute arbitrary commands or cause denial of service (DoS) conditions.

These vulnerabilities affect all software releases for the mentioned series, and no software updates or workarounds are currently available.

Vulnerability Details

The vulnerabilities, CVE-2024-20450, CVE-2024-20452, and CVE-2024-20454, allow unauthenticated remote attackers to execute arbitrary commands on the operating system with root privileges.

This is due to improper error checking of incoming HTTP packets, leading to a potential buffer overflow.

CVE-2024-20451 and CVE-2024-20453 could also enable attackers to cause a DoS condition, forcing affected devices to reload unexpectedly.

These vulnerabilities are rated with a Security Impact Rating (SIR) of High. The command execution vulnerabilities have a CVSS Base Score of 9.8, indicating critical severity, while the DoS vulnerabilities have a CVSS Base Score of 7.5.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

Vulnerability IDDescriptionCVSS Base Score
CVE-2024-20450 IP Phones Web UI Arbitrary Command Execution Vulnerability9.8
CVE-2024-20452 IP Phones Web UI Arbitrary Command Execution Vulnerability9.8
CVE-2024-20454 IP Phones Web UI Arbitrary Command Execution Vulnerability9.8
CVE-2024-20451IP Phones Web UI DoS Vulnerability7.5
CVE-2024-20453IP Phones Web UI DoS Vulnerability7.5

Cisco has confirmed that no software updates will be released to address these vulnerabilities, as the affected products have entered the end-of-life process.

Customers are advised to consult Cisco’s end-of-life notices and consider device migration to ensure continued security and support.

Cisco’s advisory emphasizes regularly checking security advisories to determine exposure and explore upgrade solutions.

While there are no workarounds available, Cisco recommends that users of the affected IP phone series consider migrating to newer, actively supported models.

Customers should ensure that any new devices meet their network needs and are compatible with existing hardware and software configurations.

Users can contact the Cisco Technical Assistance Center (TAC) or their maintenance providers for further guidance.

Cisco has acknowledged Aidan of BAE Systems Digital Intelligence for reporting these vulnerabilities. As of now, there have been no public announcements or reports of malicious exploitation of these vulnerabilities.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

White House Considers Oracle-Led Takeover of TikTok with U.S. Investors

In a significant development, the Trump administration is reportedly formulating a plan to prevent...

Critical Vulnerability in IBM Security Directory Enables Session Cookie Theft

IBM has announced the resolution of several security vulnerabilities affecting its IBM Security Directory...

Critical Apache Solr Vulnerability Grants Write Access to Attackers on Windows

A new security vulnerability has been uncovered in Apache Solr, affecting versions 6.6 through...

GitHub Vulnerability Exposes User Credentials via Malicious Repositories

A cybersecurity researcher recently disclosed several critical vulnerabilities affecting Git-related projects, revealing how improper...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

White House Considers Oracle-Led Takeover of TikTok with U.S. Investors

In a significant development, the Trump administration is reportedly formulating a plan to prevent...

Critical Vulnerability in IBM Security Directory Enables Session Cookie Theft

IBM has announced the resolution of several security vulnerabilities affecting its IBM Security Directory...

Critical Apache Solr Vulnerability Grants Write Access to Attackers on Windows

A new security vulnerability has been uncovered in Apache Solr, affecting versions 6.6 through...