Denial of service in Cisco SIP IP Phone
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-0325 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco 7800 Series IP Phones Hardware solutions / Office equipment, IP-phones, print servers Cisco 6800 Series IP Phones Hardware solutions / Office equipment, IP-phones, print servers |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Improper input validation
EUVDB-ID: #VU12788
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0325
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists in the Session Initiation Protocol (SIP) call-handling functionality due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser. A remote attacker can send a specially crafted SIP packet, cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts and cause the service to crash.
MitigationUpdate to version 12.1(1)MN130.
Vulnerable software versionsCisco 7800 Series IP Phones: All versions
Cisco 6800 Series IP Phones: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
