overview

Cisco has released security updates for vulnerabilities impacting its IP Phone 6800, 7800, 7900, and 8800 Series products.  

The first vulnerability is tracked as CVE-2023-20078 and has a CVSS score of 9.8. According to Cisco, the flaw could allow an unauthenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability impacts the following products:  

  • IP Phone 6800 Series with Multiplatform Firmware 
  • IP Phone 7800 Series with Multiplatform Firmware 
  • IP Phone 8800 Series with Multiplatform Firmware 

The second vulnerability is tracked as CVE-2023-20079 and has a CVSS score of 7.5. CVE-2023-20079 is due to insufficient validation of user-supplied input. It could allow an unauthenticated, remote attacker to cause a DoS condition. According to Cisco, the bug is in the web-based management interface of the following products:  

  • IP Phone 6800 Series with Multiplatform Firmware 
  • IP Phone 7800 Series with Multiplatform Firmware 
  • IP Phone 8800 Series with Multiplatform Firmware 
  • Unified IP Conference Phone 8831 
  • Unified IP Conference Phone 8831 with Multiplatform Firmware 
  • Unified IP Phone 7900 Series 

There are no workarounds to address the vulnerabilities, but the company has released Cisco Multiplatform Firmware version 11.3.7SR1 to resolve CVE-2023-20078. Cisco stated that they will not release software updates to address CVE-2023-20079, as the products have reached the end-of-life process. It is highly recommended that organizations apply the appropriate updates as soon as possible.  

 

 

avertium's recommendations

For patch guidance regarding CVE-2023-20078, please see Cisco’s advisory.  

 

 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2023-20078 and CVE-2023-20079. Avertium’s threat hunters remain vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.    

 

 

How Avertium is Protecting Our CUSTOMERS

  • Expanding endpoints, cloud computing environments, and accelerated digital transformation have decimated the perimeter in an ever-expanding attack surface. Avertium offers Attack Surface Management, so you’ll have no more blind spots, weak links, or fire drills. 
  • Avertium offers Vulnerability Management to provide a deeper understanding and control over organizational information security risks.  If your enterprise is facing challenges with the scope, resources, or skills required to implement a vulnerability management program with your team, outsourced solutions can help you bridge the gap. 
  • Avertium offers Zero Trust Network as a Service (ZTNaaS) for any organization that wants to control their attack surface. The zero-trust security model delivers exactly what the name promises: it is an IT security concept that specifies no access is allowed until the successful completion of authentication and authorization processes.  



 

 

SUPPORTING DOCUMENTATION

Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities 

Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack (thehackernews.com) 

Cisco patches critical bugs in IP Phones | SC Media (scmagazine.com) 

 

 

Related Resource:  2023 Cybersecurity Landscape: 8 Lessons for Cybersecurity Professionals

Chat With One of Our Experts



Cisco Vulnerabilities Flash Notice Cisco Blog