#VU26976 Input validation error in Cisco Systems, Inc Hardware solutions


Published: 2021-01-03 | Updated: 2021-06-17

Vulnerability identifier: #VU26976

Vulnerability risk: High

CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2020-3161

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Cisco IP Phone 7811
Hardware solutions / Office equipment, IP-phones, print servers
Cisco IP Phone 7821
Hardware solutions / Office equipment, IP-phones, print servers
Cisco IP Phone 7841
Hardware solutions / Office equipment, IP-phones, print servers
Cisco IP Phone 7861
Hardware solutions / Office equipment, IP-phones, print servers
Cisco IP Phone 8811
Hardware solutions / Office equipment, IP-phones, print servers
Cisco IP Phone 8841
Hardware solutions / Office equipment, IP-phones, print servers
Cisco Wireless IP Phone 8845
Hardware solutions / Office equipment, IP-phones, print servers
Cisco Wireless IP Phone 8851
Hardware solutions / Office equipment, IP-phones, print servers
Cisco Unified IP Conference Phone 8831
Hardware solutions / Office equipment, IP-phones, print servers
Cisco Wireless IP Phone 8821
Hardware solutions / Office equipment, IP-phones, print servers
Cisco Wireless IP Phone 8821-EX
Hardware solutions / Office equipment, IP-phones, print servers
Cisco IP Phone 8861
Hardware solutions / Routers & switches, VoIP, GSM, etc
Cisco IP Phone 8865
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input of HTTP requests in the web server for Cisco IP Phones. A remote attacker can send a specially crafted HTTP request and execute arbitrary code with root privileges or cause a reload of an affected IP phone, resulting in a (DoS) condition.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco IP Phone 7811: 11.0.1

Cisco IP Phone 7821: 11.0.1

Cisco IP Phone 7841: 11.0.1

Cisco IP Phone 7861: 11.0.1

Cisco IP Phone 8811: 11.0.1

Cisco IP Phone 8841: 11.0.1

Cisco Wireless IP Phone 8845: 11.0.1

Cisco Wireless IP Phone 8851: 11.0.1

Cisco IP Phone 8861: 11.0.1

Cisco IP Phone 8865: 11.0.1

Cisco Unified IP Conference Phone 8831: 10.3.1 ES14

Cisco Wireless IP Phone 8821: 11.0.5 SR1

Cisco Wireless IP Phone 8821-EX: 11.0.5 SR1

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phones-rce-dos-rB6EeRXs

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.


Latest bulletins with this vulnerability


Remote code execution in Cisco IP Phones