A major vulnerability (CVE-2024-20445) has been found in Cisco Desk Telephone 9800 Sequence, IP Telephone 7800 and 8800 Sequence, and Video Telephone 8875 that would permit distant, unauthenticated attackers to entry delicate data.
This vulnerability, labeled below CWE-200 (Publicity of Delicate Info to an Unauthorized Actor), is because of improper storage of delicate data throughout the net consumer interface (UI) of Session Initiation Protocol (SIP)-based telephone software program.
CVE-2024-20445 – Abstract of the Vulnerability
The flaw stems from improper dealing with of delicate data throughout the net UI, significantly when the Internet Entry characteristic is enabled.
Attackers can exploit this vulnerability by merely searching the IP tackle of an affected machine.
Construct an in-house SOC or outsource SOC-as-a-Service -> Calculate Prices
If profitable, they may entry delicate knowledge, together with name information (each incoming and outgoing) saved on the machine.
It is very important be aware that these gadgets’ Internet Entry characteristic is disabled by default, decreasing the quick threat.
Nevertheless, in cases the place it has been enabled, the vulnerability turns into exploitable.
Cisco has acknowledged the problem and promptly launched software program updates to deal with it. Sadly, this vulnerability has no workarounds past making use of the fastened software program variations.
Affected Merchandise
On the time of publication, the next Cisco merchandise had been confirmed to be susceptible if working a inclined model of Cisco SIP IP Telephone Software program and Internet Entry was enabled:
- Cisco Desk Telephone 9800 Sequence
- Cisco IP Telephone 7800 Sequence
- Cisco IP Telephone 8800 Sequence (besides the Wi-fi IP Telephone 8821)
- Cisco Video Telephone 8875
Customers should confirm whether or not Internet Entry is enabled on their gadgets.
If that’s the case, disabling it or making use of software program updates ought to be thought-about quick actions to guard towards potential exploitation.
Cisco has launched software program patches to deal with this problem. Customers are urged to evaluate the Cisco Safety Advisories web page commonly to make sure they run the most recent, safe software program variations.
When upgrading, customers should be sure that gadgets have the required assets and assist to perform with the up to date software program.
Run non-public, Actual-time Malware Evaluation in each Home windows & Linux VMs. Get a 14-day free trial with ANY.RUN!