Alert!

Security updates: Attackers can spy on Cisco IP phones

Admins should promptly install the secure firmware for Cisco's 6800, 7800 and 8800 series IP phones.

This article was originally published in German and has been automatically translated.

Several Cisco IP phone models are vulnerable. Attackers can exploit several security gaps to access information that should be inaccessible to them. They can also use DoS attacks to take devices out of service.

In a security advisory, the network equipment vendor describes three vulnerabilities (CVE-2024-20356 "high", CVE-2024-20357 "medium", CVE-2024-20358 "high"). Attacks are reportedly possible remotely and without authentication. Because of insufficient input validation, attackers can target the web-based management interface with crafted requests.

Specifically, these IP phone models are affected:

  • IP Phone 6800 with Multiplatform Firmware
  • IP Phone 7800 with Multiplatform Firmware
  • IP Phone 8800 with Multiplatform Firmware
  • Video Phone 8875 in multiplatform mode

Cisco states that these firmware versions are protected against the attacks described:

  • 12.0.4SR1 (IP Phone)
  • 2.3.1.0101 (Video Phone)

So far, there are no reports of ongoing attacks. Cisco's IP phones should have a fixed place in the regular maintenance cycle, because serious security gaps keep turning up in the firmware. Last year, for example, attackers were able to gain root rights on vulnerable devices.

(des)