Denial of service in Cisco Small Business SPA50x/SPA51x/SPA52x Series IP Phones
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-12259 CVE-2017-12260 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Small Business SPA51x Hardware solutions / Office equipment, IP-phones, print servers Small Business SPA52x Hardware solutions / Office equipment, IP-phones, print servers Small Business SPA50x Hardware solutions / Office equipment, IP-phones, print servers |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Denial of service
EUVDB-ID: #VU8891
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-12259
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition.
The weakness exists in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones due to improper handling of SIP request messages. A remote attacker can send malformed SIP messages and the device to become unresponsive.
Successful exploitation of the vulnerability results in denial of service.
Update to version 7.6(2)SR2.
Vulnerable software versionsSmall Business SPA51x: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-sip
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Denial of service
EUVDB-ID: #VU8892
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-12260
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition.
The weakness exists in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones due to improper handling of SIP request messages. A remote attacker can send formatted specifiers in a SIP payload and cause the device to become unresponsive.
Successful exploitation of the vulnerability results in denial of service.
Update to version 7.6(2)SR2.
Vulnerable software versionsSmall Business SPA51x: All versions
Small Business SPA52x: All versions
Small Business SPA50x: All versions
CPE2.3- cpe:2.3:h:cisco_systems:small_business_spa51x:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:small_business_spa52x:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:small_business_spa50x:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-sip
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
