Cisco has disclosed a high-severity flaw in its IP phones that can be exploited to gain remote code execution and conduct DoS attacks.
Cisco has disclosed a high-severity vulnerability, tracked as CVE-2022-20968, affecting its 7800 and 8800 Series IP Phones (excluding the Cisco Wireless IP Phone 8821). An adjacent, unauthenticated attacker can trigger the flaw to cause a stack overflow on an affected device, leading to remote code execution and denial of service (DoS) attacks.
The vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets.
An attacker could exploit this flaw by sending specially crafted Cisco Discovery Protocol packets to an affected device.
“A vulnerability in the Cisco Discovery Protocol processing feature of the Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device,” reads the advisory published by the company. “This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending specially crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.”
The Cisco Product Security Incident Response Team (PSIRT) is aware of the availability of proof-of-concept exploit code for this vulnerability.
“Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory and that this vulnerability has been publicly discussed,” continues the report. “Cisco PSIRT is not aware of any malicious use of the vulnerability described in this advisory.”
The IT giant plans to fix this flaw in January 2023.
According to the advisory, no workaround is available yet; the vendor has only provided a mitigation for this issue. The company recommends disabling Cisco Discovery Protocol on affected IP phones that also support Link Layer Discovery Protocol (LLDP) for neighbor discovery. Devices will then use LLDP for discovery of configuration data such as voice VLAN, power negotiation, etc.
“While this mitigation has been deployed and proven successful in a test environment, customers should determine applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workarounds or mitigations implemented may negatively impact their network functionality or performance depending on the intrinsic customer deployment scenarios and limitations,” concludes the advisory. “Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to that environment.”
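One way to check the mitigation described above from a packet capture, as an added example that is not part of the original article or Cisco's advisory: it classifies raw Ethernet frames as CDP or LLDP and lists the phones still emitting CDP. It assumes that a phone with CDP disabled stops sending CDP advertisements; the MAC addresses and sample frames are constructed.

```python
import struct

# Well-known protocol constants
CDP_DST = bytes.fromhex("01000ccccccc")        # Cisco multicast MAC used by CDP
LLDP_DST = bytes.fromhex("0180c200000e")       # LLDP nearest-bridge multicast MAC
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")   # LLC/SNAP, OUI 00:00:0c, PID 0x2000
LLDP_ETHERTYPE = 0x88CC

def classify(frame: bytes) -> str:
    """Return 'cdp', 'lldp' or 'other' for one raw Ethernet frame (no FCS)."""
    if len(frame) < 14:
        return "other"
    (etype,) = struct.unpack("!H", frame[12:14])
    payload = frame[14:]
    if etype == 0x8100 and len(frame) >= 18:   # skip one 802.1Q VLAN tag
        (etype,) = struct.unpack("!H", frame[16:18])
        payload = frame[18:]
    if etype == LLDP_ETHERTYPE:
        return "lldp"
    # CDP uses an 802.3 length field followed by an LLC/SNAP header
    if frame[:6] == CDP_DST and etype <= 1500 and payload[:8] == CDP_SNAP:
        return "cdp"
    return "other"

def audit(frames, phone_macs):
    """Map each known phone MAC to the discovery protocols it was seen sending."""
    seen = {mac: set() for mac in phone_macs}
    for frame in frames:
        src = frame[6:12].hex(":")
        kind = classify(frame)
        if src in seen and kind != "other":
            seen[src].add(kind)
    return seen

def still_sending_cdp(frames, phone_macs):
    """Phones whose captured traffic shows CDP is still enabled."""
    found = audit(frames, phone_macs)
    return sorted(mac for mac, kinds in found.items() if "cdp" in kinds)

# Constructed sample frames (MACs from the 00:00:5e:00:53:xx documentation range)
def _eth(dst, src, body):
    return dst + bytes.fromhex(src.replace(":", "")) + body

PHONE_A, PHONE_B = "00:00:5e:00:53:01", "00:00:5e:00:53:02"
CDP_BODY = struct.pack("!H", 12) + CDP_SNAP + b"\x02\xb4\x00\x00"  # CDP v2, TTL 180
LLDP_BODY = struct.pack("!H", LLDP_ETHERTYPE) + b"\x00\x00"        # End-of-LLDPDU TLV
SAMPLE = [_eth(CDP_DST, PHONE_A, CDP_BODY), _eth(LLDP_DST, PHONE_A, LLDP_BODY),
          _eth(LLDP_DST, PHONE_B, LLDP_BODY)]

if __name__ == "__main__":
    print(still_sending_cdp(SAMPLE, [PHONE_A, PHONE_B]))
```

A phone that appears in the result has not had the mitigation applied; a phone that shows only `lldp` in `audit()` is using LLDP for neighbor discovery as the advisory recommends.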
The vulnerability was reported by Qian Chen of QI-ANXIN Group’s Legendsec Codesafe Team.
(SecurityAffairs – hacking, IP phones)