Cisco has launched a brand new safety advisory warning of a high-severity flaw affecting IP Phone 7800 and 8800 Series firmware that could possibly be probably exploited by a distant attacker to trigger distant code execution or a denial-of-service (DoS) situation.
The networking tools main mentioned it is engaged on a patch to handle the vulnerability, which is tracked as CVE-2022-20968 (CVSS rating: 8.1) and stems from a case of inadequate enter validation of acquired Cisco Discovery Protocol (CDP) packets.
CDP is a proprietary network-independent protocol that’s used for gathering data associated to close by, instantly related units akin to {hardware}, software program, and machine title, amongst others. It’s enabled by default.
“An attacker might exploit this vulnerability by sending crafted Cisco Discovery Protocol visitors to an affected machine,” the corporate mentioned in an alert revealed on December 8, 2022.
“A profitable exploit might permit the attacker to trigger a stack overflow, leading to doable distant code execution or a denial of service (DoS) situation on an affected machine.”
Cisco IP telephones operating firmware model 14.2 and earlier are impacted. A patch is scheduled for launch in January 2023, with the corporate stating that there aren’t any updates or workarounds to remediate the problem.
However, on deployments that assist each CDP and Link Layer Discovery Protocol (LLDP) for neighbor discovery, customers can decide to disable CDP in order that the affected units change to LLDP for promoting their id and capabilities to instantly related friends in a neighborhood space community (LAN).
“This will not be a trivial change and would require diligence on behalf of the enterprise to judge any potential influence to units in addition to the perfect method to deploy this transformation of their enterprise,” the corporate mentioned.
It additional warned that it is conscious of the supply of a proof-of-concept (PoC) exploit and that the shortcoming has been publicly disclosed. There’s no proof that the vulnerability has been actively abused within the wild thus far.
Qian Chen from the Codesafe Team of Legendsec at Qi’anxin Group has been credited with discovering and reporting the vulnerability.