A high-severity vulnerability has been discovered in a widely used Cisco phone adapter that could allow threat actors to execute arbitrary code on the target endpoints, the company has confirmed.
Users are advised to move to a different device, given that the vulnerable ones reached end-of-life and are no longer receiving upgrades and fixes.
Cisco said that its SPA112 2-Port Phone Adapter lacks proper authentication processes in its firmware upgrade function. As a result, victims could end up installing a malicious firmware update, and “a successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges.”
[HEADING=1]Local access only[/HEADING]
The flaw is tracked as CVE-2023-20126, and has a severity score of 9.8 - critical.
The publication claims the adapters are “popular” among organizations looking to use analog phones on their VoIP networks without needing to upgrade. The silver lining in the flaw is that the adapters are not usually connected to the public internet, meaning threat actors would need to first access the local network in order to be able to exploit the flaw.
However, the vulnerability could be used to move laterally through the target network more easily, the publication adds, as security software usually doesn’t monitor tools such as this one.
Given that the SPA112 reached end-of-life status and isn’t receiving updates, Cisco said it wouldn’t be addressing the vulnerability with a fix. Instead, it has told its customers to replace it with the ATA 190 Series Analog Telephone Adapter, a device that will be supported until March 31, 2024.
Cisco said that there is no evidence the flaw is currently being abused in the wild, but now that the information is out there, incursions are bound to happen. Outdated software and hardware are among the most common ways hackers access target networks.
Via: BleepingComputer